Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Print usage and exit when -N used with invalid IP. #2227

Merged
merged 1 commit into from May 8, 2018
Merged

Print usage and exit when -N used with invalid IP. #2227

merged 1 commit into from May 8, 2018

Conversation

chrisd8088
Copy link
Contributor

@chrisd8088 chrisd8088 commented May 8, 2018
edited

Issue type

  • Defect - Crash or memory corruption.
  • Defect - Non compliance with a standards document, or incorrect API usage.
  • Defect - Unexpected behaviour (obvious or verified by project member).
  • Feature request.

Defect/Feature description

The command-line argument supplied with the -N option is supposed to be an IP address for filtering purposes, and is passed to inet_pton() to be validated. However, the return value from inet_pton() is not checked properly; it will be zero if input string is invalid, but radwho only checks for a negative value. (The return will never be negative in this case, because the address family AF_INET parameter is always valid.)

How to reproduce issue

radwho -N foo
Should output help/usage text and exit, but instead proceeds to look for radutmp file.

Commit message from pull request

Check for all possible error return values from inet_pton(),
particularly zero, as this indicates an invalid IP address was
passed in the input string, whereas -1 is returned only when the
address family parameter is invalid, which is never the case
here because it's always AF_INET.

@chrisd8088
Print usage and exit when -N used with invalid IP.
d185ceb 
Check for all possible error return values from inet_pton(),
particularly zero, as this indicates an invalid IP address was
passed in the input string, whereas -1 is returned only when the
address family parameter is invalid, which is never the case
here because it's always AF_INET.
@alandekok alandekok merged commit c3e7f60 into FreeRADIUS:v4.0.x May 8, 2018
@chrisd8088 chrisd8088 deleted the radwho_check_inet_pton_ret branch May 8, 2018 17:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@chrisd8088 @alandekok