Correct some missing endian conversions of IPv4 addresses
The INADDR_LOOPBACK constant is in host endianness, and similarly the IN_MULTICAST macro expects a host endian address. However, there are some places in passt where we use those with network endian values. This means that passt will incorrectly allow you to set 127.0.0.1 or a multicast address as the guest address or DNS forwarding address. Add the necessary conversions to correct this. INADDR_ANY and INADDR_BROADCAST logically behave the same way, although because they're palindromes it doesn't have an effect in practice. Change them to be logically correct while we're there, though. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
This commit is contained in:
parent
40fc9e6e7b
commit
2b793d94ca
2 changed files with 14 additions and 14 deletions
26
conf.c
26
conf.c
|
@ -1164,11 +1164,11 @@ void conf(struct ctx *c, int argc, char **argv)
|
||||||
!IN6_IS_ADDR_LOOPBACK(&c->ip6.dns_fwd))
|
!IN6_IS_ADDR_LOOPBACK(&c->ip6.dns_fwd))
|
||||||
break;
|
break;
|
||||||
|
|
||||||
if (c->ip4.dns_fwd == INADDR_ANY &&
|
if (c->ip4.dns_fwd == htonl(INADDR_ANY) &&
|
||||||
inet_pton(AF_INET, optarg, &c->ip4.dns_fwd) &&
|
inet_pton(AF_INET, optarg, &c->ip4.dns_fwd) &&
|
||||||
c->ip4.dns_fwd != INADDR_ANY &&
|
c->ip4.dns_fwd != htonl(INADDR_ANY) &&
|
||||||
c->ip4.dns_fwd != INADDR_BROADCAST &&
|
c->ip4.dns_fwd != htonl(INADDR_BROADCAST) &&
|
||||||
c->ip4.dns_fwd != INADDR_LOOPBACK)
|
c->ip4.dns_fwd != htonl(INADDR_LOOPBACK))
|
||||||
break;
|
break;
|
||||||
|
|
||||||
err("Invalid DNS forwarding address: %s", optarg);
|
err("Invalid DNS forwarding address: %s", optarg);
|
||||||
|
@ -1362,12 +1362,12 @@ void conf(struct ctx *c, int argc, char **argv)
|
||||||
!IN6_IS_ADDR_MULTICAST(&c->ip6.addr))
|
!IN6_IS_ADDR_MULTICAST(&c->ip6.addr))
|
||||||
break;
|
break;
|
||||||
|
|
||||||
if (c->ip4.addr == INADDR_ANY &&
|
if (c->ip4.addr == htonl(INADDR_ANY) &&
|
||||||
inet_pton(AF_INET, optarg, &c->ip4.addr) &&
|
inet_pton(AF_INET, optarg, &c->ip4.addr) &&
|
||||||
c->ip4.addr != INADDR_ANY &&
|
c->ip4.addr != htonl(INADDR_ANY) &&
|
||||||
c->ip4.addr != INADDR_BROADCAST &&
|
c->ip4.addr != htonl(INADDR_BROADCAST) &&
|
||||||
c->ip4.addr != INADDR_LOOPBACK &&
|
c->ip4.addr != htonl(INADDR_LOOPBACK) &&
|
||||||
!IN_MULTICAST(c->ip4.addr))
|
!IN_MULTICAST(ntohl(c->ip4.addr)))
|
||||||
break;
|
break;
|
||||||
|
|
||||||
err("Invalid address: %s", optarg);
|
err("Invalid address: %s", optarg);
|
||||||
|
@ -1405,11 +1405,11 @@ void conf(struct ctx *c, int argc, char **argv)
|
||||||
!IN6_IS_ADDR_LOOPBACK(&c->ip6.gw))
|
!IN6_IS_ADDR_LOOPBACK(&c->ip6.gw))
|
||||||
break;
|
break;
|
||||||
|
|
||||||
if (c->ip4.gw == INADDR_ANY &&
|
if (c->ip4.gw == htonl(INADDR_ANY) &&
|
||||||
inet_pton(AF_INET, optarg, &c->ip4.gw) &&
|
inet_pton(AF_INET, optarg, &c->ip4.gw) &&
|
||||||
c->ip4.gw != INADDR_ANY &&
|
c->ip4.gw != htonl(INADDR_ANY) &&
|
||||||
c->ip4.gw != INADDR_BROADCAST &&
|
c->ip4.gw != htonl(INADDR_BROADCAST) &&
|
||||||
c->ip4.gw != INADDR_LOOPBACK)
|
c->ip4.gw != htonl(INADDR_LOOPBACK))
|
||||||
break;
|
break;
|
||||||
|
|
||||||
err("Invalid gateway address: %s", optarg);
|
err("Invalid gateway address: %s", optarg);
|
||||||
|
|
2
icmp.c
2
icmp.c
|
@ -154,7 +154,7 @@ int icmp_tap_handler(const struct ctx *c, int af, const void *addr,
|
||||||
union icmp_epoll_ref iref = { .icmp.v6 = 0 };
|
union icmp_epoll_ref iref = { .icmp.v6 = 0 };
|
||||||
struct sockaddr_in sa = {
|
struct sockaddr_in sa = {
|
||||||
.sin_family = AF_INET,
|
.sin_family = AF_INET,
|
||||||
.sin_addr = { .s_addr = INADDR_ANY },
|
.sin_addr = { .s_addr = htonl(INADDR_ANY) },
|
||||||
};
|
};
|
||||||
struct icmphdr *ih;
|
struct icmphdr *ih;
|
||||||
int id, s;
|
int id, s;
|
||||||
|
|
Loading…
Reference in a new issue