git: 7e88d8fec4e8 - stable/14 - route: error on IPv4 network routes with incorrect destination
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 22 Jan 2024 16:42:41 UTC
The branch stable/14 has been updated by karels: URL: https://cgit.FreeBSD.org/src/commit/?id=7e88d8fec4e8adc258378c7a68adf6cef1da8ad4 commit 7e88d8fec4e8adc258378c7a68adf6cef1da8ad4 Author: Mike Karels <karels@FreeBSD.org> AuthorDate: 2024-01-15 21:14:54 +0000 Commit: Mike Karels <karels@FreeBSD.org> CommitDate: 2024-01-22 16:42:16 +0000 route: error on IPv4 network routes with incorrect destination Route destinations like 10/8 are most likely intended as a shorthand for 10.0.0.0/8, but instead it means 0.0.0.10/8, which includes only bits in the host part of the mask, and hence adds a route to 0.0.0.0/8. In 12.x, there was code to "do what I mean", which was removed as part of a cleanup of old network class remnants. Given that we have gone this long without that code, do not restore that behavior. Instead, detect the issue and produce an error. Specifically, if there are no dots in a numeric IPv4 address, the mask is specified with CIDR notation (using a slash), and there are bits set in the host part, produce an error like this for 10/8: route: malformed address, bits set after mask; 10 means 0.0.0.10 PR: 258874 Reviewed by: melifaro, emaste Differential Revision: https://reviews.freebsd.org/D43384 (cherry picked from commit b9e8ae1d8a424194b4e185359da4ded163f24f4e) --- sbin/route/route.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/sbin/route/route.c b/sbin/route/route.c index 3913bdc9e6af..7cf2bf842559 100644 --- a/sbin/route/route.c +++ b/sbin/route/route.c @@ -1342,6 +1342,9 @@ getaddr(int idx, char *str, int nrflags) q = strchr(str,'/'); if (q != NULL && idx == RTAX_DST) { /* A.B.C.D/NUM */ + struct sockaddr_in *mask; + uint32_t mask_bits; + *q = '\0'; if (inet_aton(str, &sin->sin_addr) == 0) errx(EX_NOHOST, "bad address: %s", str); @@ -1351,6 +1354,20 @@ getaddr(int idx, char *str, int nrflags) errx(EX_NOHOST, "bad mask length: %s", q + 1); inet_makemask((struct sockaddr_in *)&so[RTAX_NETMASK],masklen); + + /* + * Check for bogus destination such as "10/8"; heuristic is + * that there are bits set in the host part, and no dot + * is present. + */ + mask = ((struct sockaddr_in *) &so[RTAX_NETMASK]); + mask_bits = ntohl(mask->sin_addr.s_addr); + if ((ntohl(sin->sin_addr.s_addr) & ~mask_bits) != 0 && + strchr(str, '.') == NULL) + errx(EX_NOHOST, + "malformed address, bits set after mask;" + " %s means %s", + str, inet_ntoa(sin->sin_addr)); return (0); } if (inet_aton(str, &sin->sin_addr) != 0)