Check broadcast address sanity before believing it.
This commit is contained in:
Martin Mares
parent
bcbdcbb6ae
commit
2836ce3951
1 changed files with 10 additions and 6 deletions
|
|
@ -377,24 +377,28 @@ nl_parse_addr(struct nlmsghdr *h)
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
ip_addr netmask = ipa_mkmask(ifa.pxlen);
|
ip_addr netmask = ipa_mkmask(ifa.pxlen);
|
||||||
|
ip_addr xbrd;
|
||||||
|
ifa.prefix = ipa_and(ifa.ip, netmask);
|
||||||
|
ifa.brd = ipa_or(ifa.ip, ipa_not(netmask));
|
||||||
#ifndef IPV6
|
#ifndef IPV6
|
||||||
if (i->ifa_prefixlen == BITS_PER_IP_ADDRESS - 2)
|
if (i->ifa_prefixlen == BITS_PER_IP_ADDRESS - 2)
|
||||||
ifa.opposite = ipa_opposite(ifa.ip);
|
ifa.opposite = ipa_opposite(ifa.ip);
|
||||||
if ((ifi->flags & IF_BROADCAST) && a[IFA_BROADCAST])
|
if ((ifi->flags & IF_BROADCAST) && a[IFA_BROADCAST])
|
||||||
{
|
{
|
||||||
memcpy(&ifa.brd, RTA_DATA(a[IFA_BROADCAST]), sizeof(ifa.brd));
|
memcpy(&xbrd, RTA_DATA(a[IFA_BROADCAST]), sizeof(xbrd));
|
||||||
ipa_ntoh(ifa.brd);
|
ipa_ntoh(xbrd);
|
||||||
|
if (ipa_equal(xbrd, ifa.prefix) || ipa_equal(xbrd, ifa.brd))
|
||||||
|
ifa.brd = xbrd;
|
||||||
|
else
|
||||||
|
log(L_ERR "KIF: Invalid broadcast address %I for %s", xbrd, ifi->name);
|
||||||
}
|
}
|
||||||
else
|
|
||||||
ifa.brd = ipa_or(ifa.ip, ipa_not(netmask));
|
|
||||||
#endif
|
#endif
|
||||||
ifa.prefix = ipa_and(ifa.ip, netmask);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
scope = ipa_classify(ifa.ip);
|
scope = ipa_classify(ifa.ip);
|
||||||
if (scope < 0)
|
if (scope < 0)
|
||||||
{
|
{
|
||||||
log(L_ERR "KIF: Invalid interface address %I", ifa.ip);
|
log(L_ERR "KIF: Invalid interface address %I for %s", ifa.ip, ifi->name);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
ifa.scope = scope & IADDR_SCOPE_MASK;
|
ifa.scope = scope & IADDR_SCOPE_MASK;
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue