From 1d7959d798b367b96cf489d08623647587334821 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Asbj=C3=B8rn=20Sloth=20T=C3=B8nnesen?= Date: Fri, 19 Jul 2019 20:55:31 +0000 Subject: check bounds properly MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Asbjørn Sloth Tønnesen --- README.rst | 2 +- lua/inet/core.lua | 26 ++++++++++++++++++-------- test/inet.lua | 8 ++++++++ 3 files changed, 27 insertions(+), 9 deletions(-) diff --git a/README.rst b/README.rst index 186fca3..5698887 100644 --- a/README.rst +++ b/README.rst @@ -181,7 +181,7 @@ Subtract -- by calling the operator method directly additional debuging info are available: inet('2001:db8::5/64') - inet('ffff::') -- returns nil inet('2001:db8::5/64'):__sub(inet('ffff::')) - -- returns nil, 'result is out of range', { 8194, 3512, 0, 0, 0, 0, 0, 5 } + -- returns nil, 'out of range', { -57342, 3512, 0, 0, 0, 0, 0, 5 } -- mixed networks special: inet('::ffff:192.0.2.24') - inet('::ffff:0.0.0.0/96') -- returns inet('192.0.2.24') diff --git a/lua/inet/core.lua b/lua/inet/core.lua index f8e17cc..a91dacd 100644 --- a/lua/inet/core.lua +++ b/lua/inet/core.lua @@ -120,6 +120,9 @@ local function inet4_from_string(ipstr) end local function inet4_from_number(bip) + if bip < 0 or bip > 0xffffffff then + return nil, 'out of range' + end return bip end @@ -167,7 +170,7 @@ local function inet6_from_table(t) for i=1,8 do local v = t[i] if type(v) ~= 'number' then return nil, 'invalid number' end - if v < 0 or v > 0xffff then return nil, 'octet out of range' end + if v < 0 or v > 0xffff then return nil, 'piece out of range' end end return { t[1], t[2], t[3], t[4], t[5], t[6], t[7], t[8] } end @@ -437,11 +440,15 @@ local function do_balance(pcs, quick) pcs[i-1] = pcs[i-1] + extra i = i - 1 end - pcs[1] = band(pcs[1], 0xffff) + if pcs[1] < 0 or pcs[1] > 0xffff then + return nil, 'out of range' + end + return true end function inet6:balance(quick) - do_balance(self.pcs, quick) + local ok, err = do_balance(self.pcs, quick) + if not ok then return nil, err end return self end @@ -559,6 +566,10 @@ function inet6:contains(other) end local snet = self:network() + local foo, err = other:__div(mask) + if not foo then + print(err) + end local onet = (other / mask):network() return snet == onet @@ -641,8 +652,7 @@ function inet6:__add(n) else return nil, 'invalid argument' end - new:balance(true) - return new + return new:balance(true) end function inet6:__sub(n) @@ -657,7 +667,8 @@ function inet6:__sub(n) for i=1,8 do dpcs[i] = spcs[i] - npcs[i] end - do_balance(dpcs) + local ok, err = do_balance(dpcs) + if not ok then return nil, err, dpcs end local ret = 0 for i=1,8 do @@ -775,8 +786,7 @@ function inet6:__mul(n) pcs[p-1] = pcs[p-1] + high_shift end pcs[p] = pcs[p] + low_shift - new:balance() - return new + return new:balance() end local M = {} diff --git a/test/inet.lua b/test/inet.lua index 26d05e3..dd90fef 100644 --- a/test/inet.lua +++ b/test/inet.lua @@ -288,6 +288,14 @@ local function misc() assert(inet.is(inet('::'))) assert(inet.version == 1) + + -- check out of bounds handling + assert(inet('0.0.0.0') - 1 == nil) + assert(inet('255.255.255.255') + 1 == nil) + assert(inet('::') - 1 == nil) + assert(inet('ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff') + 1 == nil) + assert(inet('0.0.0.0/24') * -1 == nil) + assert(inet('255.255.255.0/24') * 1 == nil) end local t = test.new() -- cgit v1.2.1