mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-31 14:35:26 +00:00
Code Issues Releases Wiki Activity

Fixed probably with printing masked ip addresses.

Browse Source 
Catch bogus mask values.
This commit is contained in:
James Brister
2000-01-28 23:47:18 +00:00
parent d2935a05b8
commit c0b1ee1cc5
1 changed files with 20 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
lib/dns/config/confip.c
View File

@@ -643,7 +643,12 @@ dns_c_ipmatchelement_print(FILE *fp, int indent,
bits = ipme->u.direct.mask;
if (bits > 0) {
fprintf(fp, "/%d", bits);
isc_uint32_t fam =
ipme->u.direct.address.type.sa.sa_family;
if ((fam == AF_INET && bits < 32) ||
(fam == AF_INET6 && bits < 128)) {
fprintf(fp, "/%d", bits);
}
}
break;
@@ -856,7 +861,7 @@ dns_c_iplist_print(FILE *fp, int indent, dns_c_iplist_t *list)
}
dns_c_printtabs(fp, indent - 1);
fprintf(fp, "};\n");
fprintf(fp, "}");
}
@@ -943,6 +948,10 @@ checkmask(isc_sockaddr_t *address, isc_uint32_t bits)
if (address->type.sa.sa_family == AF_INET) {
isc_uint32_t mask;
if (bits > 32) {
return (ISC_R_FAILURE);
}
mask = ntohl(0xffffffffU << (32 - bits));
if ((mask & address->type.sin.sin_addr.s_addr) !=
@@ -955,6 +964,10 @@ checkmask(isc_sockaddr_t *address, isc_uint32_t bits)
unsigned char *addrp;
int i;
if (bits > 128) {
return (ISC_R_FAILURE);
}
if (bits2v6mask(&iaddr, bits) != ISC_R_SUCCESS) {
return (ISC_R_FAILURE);
}
@@ -986,24 +999,24 @@ bits2v6mask(struct in6_addr *addr, isc_uint32_t bits)
isc_uint32_t bitmask[4];
char addrbuff [ sizeof "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff" + 1 ];
INSIST(bits < 128);
INSIST(bits <= 128);
/* Break the 128 bits up into 32-bit sections */
bitmask[0] = bitmask[1] = bitmask[2] = bitmask[3] = 0U;
if (bits > 32) {
if (bits >= 32) {
bitmask[0] = 0xffffffffU;
} else if (bits > 0) {
bitmask[0] = 0xffffffffU << (32 - bits);
}
if (bits > 64) {
if (bits >= 64) {
bitmask[1] = 0xffffffffU;
} else if (bits > 32) {
bitmask[1] = 0xffffffffU << (64 - bits);
}
if (bits > 96) {
if (bits >= 96) {
bitmask[2] = 0xffffffffU;
bitmask[3] = 0xffffffffU << (128 - bits);
} else if (bits > 64) {
@@ -1022,7 +1035,7 @@ bits2v6mask(struct in6_addr *addr, isc_uint32_t bits)
(((bitmask[3] & 0xffff0000U) >> 16) & 0xffffU),
(bitmask[3] & 0xffff));
i = inet_pton(AF_INET6, addrbuff, &addr);
i = inet_pton(AF_INET6, addrbuff, addr);
return (i == 1 ? ISC_R_SUCCESS : ISC_R_FAILURE);
}