diff options
| author | Mikhail Sennikovsky <mikhail.sennikovskii@ionos.com> | 2022-06-24 17:01:25 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2022-06-27 12:03:13 +0200 |
| commit | 9d5278391f0dd8e9e7390a5280979ccc40b502b8 (patch) | |
| tree | 20506da7a89d15cfcbbe8efddd2aa7115796dc64 | |
| parent | 5b1f4ea66afbf1bb20ec4c2de06bb5d8ae0a27cd (diff) | |
| download | conntrack-tools-9d5278391f0dd8e9e7390a5280979ccc40b502b8.tar.gz | |
conntrack: fix protocol number parsing
Before this commit it was possible to successfully create a ct entry
passing -p 256 and -p some_nonsense.
In both cases an entry with the protocol=0 would be created.
Do not allow invalid protocol values to -p option.
Include testcases covering the issue.
Signed-off-by: Mikhail Sennikovsky <mikhail.sennikovskii@ionos.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
| -rw-r--r-- | src/conntrack.c | 19 | ||||
| -rw-r--r-- | tests/conntrack/testsuite/00create | 10 |
2 files changed, 27 insertions, 2 deletions
diff --git a/src/conntrack.c b/src/conntrack.c index 500e736..e381543 100644 --- a/src/conntrack.c +++ b/src/conntrack.c @@ -882,6 +882,21 @@ static int ct_save_snprintf(char *buf, size_t len, extern struct ctproto_handler ct_proto_unknown; +static int parse_proto_num(const char *str) +{ + char *endptr; + long val; + + val = strtol(str, &endptr, 0); + if (val >= IPPROTO_MAX || + val < 0 || + endptr == str || + *endptr != '\0') + return -1; + + return val; +} + static struct ctproto_handler *findproto(char *name, int *pnum) { struct ctproto_handler *cur; @@ -901,8 +916,8 @@ static struct ctproto_handler *findproto(char *name, int *pnum) return &ct_proto_unknown; } /* using a protocol number? */ - protonum = atoi(name); - if (protonum >= 0 && protonum <= IPPROTO_MAX) { + protonum = parse_proto_num(name); + if (protonum >= 0) { /* try lookup by number, perhaps this protocol is supported */ list_for_each_entry(cur, &proto_list, head) { if (cur->protonum == protonum) { diff --git a/tests/conntrack/testsuite/00create b/tests/conntrack/testsuite/00create index 9962e23..af22f18 100644 --- a/tests/conntrack/testsuite/00create +++ b/tests/conntrack/testsuite/00create @@ -61,3 +61,13 @@ -D -s 0.0.0.0 -d 224.0.0.22 -r 224.0.0.22 -q 0.0.0.0 -p 200 ; OK # delete again -D -s 0.0.0.0 -d 224.0.0.22 -r 224.0.0.22 -q 0.0.0.0 -p 200 ; BAD +# Invalid protocol values +# 256 should fail +-I -t 10 -s 1.1.1.1 -d 2.2.2.2 -r 2.2.2.2 -q 1.1.1.1 -p 256 ; BAD +# take some invalid protocol name +-I -t 10 -s 0.0.0.0 -d 224.0.0.22 -r 224.0.0.22 -q 0.0.0.0 -p foo ; BAD +# take some other invalid protocol values +-I -t 10 -s 0.0.0.0 -d 224.0.0.22 -r 224.0.0.22 -q 0.0.0.0 -p -10 ; BAD +-I -t 10 -s 0.0.0.0 -d 224.0.0.22 -r 224.0.0.22 -q 0.0.0.0 -p 2000 ; BAD +-I -t 10 -s 0.0.0.0 -d 224.0.0.22 -r 224.0.0.22 -q 0.0.0.0 -p 20foo ; BAD +-I -t 10 -s 0.0.0.0 -d 224.0.0.22 -r 224.0.0.22 -q 0.0.0.0 -p foo20 ; BAD |