sbin/ipfw: Fix parsing error in table based forward
The argument parser does not recognise the optional port for an "tablearg" argument. Fix simplifies the code by make the internal representation expicit for the parser. PR: 252744 MFC: 1 week Reported by: <bugs.freebsd.org@mx.zzux.com> Approved by: nc Tested by: <bugs.freebsd.org@mx.zzux.com> Differential Revision: https://reviews.freebsd.org/D30164
This commit is contained in:
parent
9146c6240d
commit
6cb13813ca
@ -4021,57 +4021,54 @@ compile_rule(char *av[], uint32_t *rbuf, int *rbufsize, struct tidx *tstate)
|
|||||||
|
|
||||||
NEED1("missing forward address[:port]");
|
NEED1("missing forward address[:port]");
|
||||||
|
|
||||||
if (_substrcmp(*av, "tablearg") == 0) {
|
if (strncmp(*av, "tablearg", 8) == 0)
|
||||||
family = PF_INET;
|
memcpy(++(*av), "0.0.0.0", 7);
|
||||||
((struct sockaddr_in*)&result)->sin_addr.s_addr =
|
|
||||||
INADDR_ANY;
|
|
||||||
} else {
|
|
||||||
/*
|
|
||||||
* Are we an bracket-enclosed IPv6 address?
|
|
||||||
*/
|
|
||||||
if (strchr(*av, '['))
|
|
||||||
(*av)++;
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* locate the address-port separator (':' or ',')
|
* Are we an bracket-enclosed IPv6 address?
|
||||||
*/
|
*/
|
||||||
s = strchr(*av, ',');
|
if (strchr(*av, '['))
|
||||||
if (s == NULL) {
|
(*av)++;
|
||||||
s = strchr(*av, ']');
|
|
||||||
/* Prevent erroneous parsing on brackets. */
|
|
||||||
if (s != NULL)
|
|
||||||
*(s++) = '\0';
|
|
||||||
else
|
|
||||||
s = *av;
|
|
||||||
|
|
||||||
/* Distinguish between IPv4:port and IPv6 cases. */
|
/*
|
||||||
s = strchr(s, ':');
|
* locate the address-port separator (':' or ',')
|
||||||
if (s && strchr(s+1, ':'))
|
*/
|
||||||
s = NULL; /* no port */
|
s = strchr(*av, ',');
|
||||||
}
|
if (s == NULL) {
|
||||||
|
s = strchr(*av, ']');
|
||||||
if (s != NULL) {
|
/* Prevent erroneous parsing on brackets. */
|
||||||
/* Terminate host portion and set s to start of port. */
|
if (s != NULL)
|
||||||
*(s++) = '\0';
|
*(s++) = '\0';
|
||||||
i = strtoport(s, &end, 0 /* base */, 0 /* proto */);
|
else
|
||||||
if (s == end)
|
s = *av;
|
||||||
errx(EX_DATAERR,
|
|
||||||
"illegal forwarding port ``%s''", s);
|
|
||||||
port_number = (u_short)i;
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
/* Distinguish between IPv4:port and IPv6 cases. */
|
||||||
* Resolve the host name or address to a family and a
|
s = strchr(s, ':');
|
||||||
* network representation of the address.
|
if (s && strchr(s+1, ':'))
|
||||||
*/
|
s = NULL; /* no port */
|
||||||
if (getaddrinfo(*av, NULL, NULL, &res))
|
|
||||||
errx(EX_DATAERR, NULL);
|
|
||||||
/* Just use the first host in the answer. */
|
|
||||||
family = res->ai_family;
|
|
||||||
memcpy(&result, res->ai_addr, res->ai_addrlen);
|
|
||||||
freeaddrinfo(res);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (s != NULL) {
|
||||||
|
/* Terminate host portion and set s to start of port. */
|
||||||
|
*(s++) = '\0';
|
||||||
|
i = strtoport(s, &end, 0 /* base */, 0 /* proto */);
|
||||||
|
if (s == end)
|
||||||
|
errx(EX_DATAERR,
|
||||||
|
"illegal forwarding port ``%s''", s);
|
||||||
|
port_number = (u_short)i;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Resolve the host name or address to a family and a
|
||||||
|
* network representation of the address.
|
||||||
|
*/
|
||||||
|
if (getaddrinfo(*av, NULL, NULL, &res))
|
||||||
|
errx(EX_DATAERR, NULL);
|
||||||
|
/* Just use the first host in the answer. */
|
||||||
|
family = res->ai_family;
|
||||||
|
memcpy(&result, res->ai_addr, res->ai_addrlen);
|
||||||
|
freeaddrinfo(res);
|
||||||
|
|
||||||
if (family == PF_INET) {
|
if (family == PF_INET) {
|
||||||
ipfw_insn_sa *p = (ipfw_insn_sa *)action;
|
ipfw_insn_sa *p = (ipfw_insn_sa *)action;
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user