svn commit: r310501 - head/contrib/bsnmp/lib

Sat, 24 Dec 2016 03:42:07 -0800 

Author: ngie
Date: Sat Dec 24 11:41:16 2016
New Revision: 310501
URL: https://svnweb.freebsd.org/changeset/base/310501

Log:
  Be more strict about IpAddress type in snmp_value_parse(..)
  
  - Use inet_pton with AF_INET instead of doing longhand with sscanf.
  - Use gethostbyname2 with AF_INET to ensure that the hostname isn't
    accidentally parsed with another address family, e.g. AF_INET6.
  
  NB: IpAddress per RFC-2578 is IPv4 only. Work is in progress to add
      the InetAddress type and friends documented in RFC-4001 and
      elsewhere (which supports IPv4, IPv6, and more).
  
  MFC after:    2 weeks

Modified:
  head/contrib/bsnmp/lib/snmp.c

Modified: head/contrib/bsnmp/lib/snmp.c
==============================================================================
--- head/contrib/bsnmp/lib/snmp.c       Sat Dec 24 11:30:24 2016        
(r310500)
+++ head/contrib/bsnmp/lib/snmp.c       Sat Dec 24 11:41:16 2016        
(r310501)
@@ -51,6 +51,8 @@
 #elif defined(HAVE_INTTYPES_H)
 #include <inttypes.h>
 #endif
+#include <netinet/in.h>
+#include <arpa/inet.h>
 
 #include "asn1.h"
 #include "snmp.h"
@@ -1384,29 +1386,16 @@ snmp_value_parse(const char *str, enum s
          case SNMP_SYNTAX_IPADDRESS:
            {
                struct hostent *he;
-               u_long ip[4];
-               int n;
 
-               if (sscanf(str, "%lu.%lu.%lu.%lu%n", &ip[0], &ip[1], &ip[2],
-                   &ip[3], &n) == 4 && (size_t)n == strlen(str) &&
-                   ip[0] <= 0xff && ip[1] <= 0xff &&
-                   ip[2] <= 0xff && ip[3] <= 0xff) {
-                       v->ipaddress[0] = (u_char)ip[0];
-                       v->ipaddress[1] = (u_char)ip[1];
-                       v->ipaddress[2] = (u_char)ip[2];
-                       v->ipaddress[3] = (u_char)ip[3];
+               if (inet_pton(AF_INET, str, &v->ipaddress) == 1)
                        return (0);
-               }
-
-               if ((he = gethostbyname(str)) == NULL)
+               if ((he = gethostbyname2(str, AF_INET)) == NULL)
                        return (-1);
                if (he->h_addrtype != AF_INET)
                        return (-1);
 
-               v->ipaddress[0] = he->h_addr[0];
-               v->ipaddress[1] = he->h_addr[1];
-               v->ipaddress[2] = he->h_addr[2];
-               v->ipaddress[3] = he->h_addr[3];
+               memcpy(v->ipaddress, he->h_addr, sizeof(v->ipaddress));
+
                return (0);
            }
 
_______________________________________________
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

Reply via email to