Rectify undefined behavior of out-of-range shift op
Fixes #1717, closes #1718
nnposter committed Sep 3, 2019
1 parent 8d59507 commit 9e8852a
Showing 3 changed files with 31 additions and 7 deletions.
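--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,8 @@
 #Nmap Changelog ($Id$); -*-text-*-
 
+o [GH#1717][GH#1718] Processing of IP address CIDR blocks was not working
+correctly on ppc64, ppc64le, and s390x architectures. [rfrohl, nnposter]
+
 o [Windows] Add support for the new loopback behavior in Npcap 0.9983. This
 enables Nmap to scan localhost on Windows without needing the Npcap Loopback
 Adapter to be installed, which was a source of problems for some users.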
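--- a/nbase/nbase_addrset.c
+++ b/nbase/nbase_addrset.c
@@ -477,30 +477,32 @@ static int sockaddr_to_addr(const struct sockaddr *sa, u32 *addr)
 
 static int sockaddr_to_mask (const struct sockaddr *sa, int bits, u32 *mask)
 {
-s8 i;
-int unmasked_bits = 0;
+int i, k;
 if (bits >= 0) {
 if (sa->sa_family == AF_INET) {
-unmasked_bits = 32 - bits;
+bits += 96;
 }
 #ifdef HAVE_IPV6
 else if (sa->sa_family == AF_INET6) {
-unmasked_bits = 128 - bits;
+; /* do nothing */
 }
 #endif
 else {
 return 0;
 }
 }
+else
+bits = 128;
+k = bits / 32;
 for (i=0; i < 4; i++) {
-if (unmasked_bits <= 32 * (3 - i)) {
+if (i < k) {
 mask[i] = 0xffffffff;
 }
-else if (unmasked_bits >= 32 * (4 - i)) {
+else if (i > k) {
 mask[i] = 0;
 }
 else {
-mask[i] = ~((1 << (unmasked_bits - (32 * (4 - i)))) - 1);
+mask[i] = 0xfffffffe << (31 - bits % 32);
 }
 }
 return 1;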
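Review bot: `bits` is never checked against an upper bound in sockaddr_to_mask, so an over-long prefix (above 32 for AF_INET, above 128 for AF_INET6) makes `k` reach 4 or more and yields an all-ones mask instead of a failure; a very large AF_INET value could also overflow the signed `bits += 96`. If the callers, which are outside this hunk, do not already validate the prefix length, reject it here with `if (bits > 32) return 0;` before `bits += 96;` and `if (bits > 128) return 0;` in the AF_INET6 branch, because this mask presumably feeds address-set matching and a malformed CIDR should fail rather than quietly narrow to a single host. The partial-word expression also deserves a comment such as `/* shift count is 31 - bits % 32, always within 0..31 */`, and writing the constant as `0xfffffffeU` makes the unsigned shift explicit. The function's closing brace lies outside the hunk.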
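--- a/ncat/test/test-addrset.sh
+++ b/ncat/test/test-addrset.sh
@@ -208,6 +208,25 @@ test_addrset "1:2::0003/120" "1:2::3 1:2::0 1:2::ff" <<EOF
 1:3::3
 EOF
 
+# IPv6 CIDR netmask.
+test_addrset "1:2::3:4:5/95" "1:2::3:4:5 1:2::2:0:0 1:2::3:ffff:ffff" <<EOF
+1:2::3:4:5
+1:2::1:ffff:ffff
+1:2::2:0:0
+1:2::3:ffff:ffff
+1:2::4:0:0
+1:3::3
+EOF
+
+# IPv6 CIDR netmask.
+test_addrset "11::2/15" "11::2:3:4:5 10::1 11:ffff:ffff:ffff:ffff:ffff:ffff:ffff" <<EOF
+11::2:3:4:5
+9:ffff:ffff:ffff:ffff:ffff:ffff:ffff
+10::1
+11:ffff:ffff:ffff:ffff:ffff:ffff:ffff
+12::0
+EOF
+
 # /128 netmask.
 test_addrset "1:2::0003/128" "1:2::3" <<EOF
 1:2::3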
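Review bot: Neither added case puts the prefix on a 32-bit word boundary: /95 and /15 give `bits % 32` of 31 and 15, while /0, /32, /64 and /96 are where the new mask expression in nbase_addrset.c shifts by the full 31 and the partial word must come out as zero. Unless cases elsewhere in this file (outside the hunk) already cover them, add a boundary case following the pattern of the /95 test; a /96 example is sketched below, with expected matches derived by hand and not run. Both new cases also carry the identical comment `# IPv6 CIDR netmask.`, so naming the prefix in each (for example `# IPv6 /95 netmask, one bit short of a word boundary.`) would make a failure easier to place.

```shell
# IPv6 CIDR netmask ending exactly on a 32-bit word boundary (constructed example).
test_addrset "1:2::3:4:5/96" "1:2::3:4:5 1:2::3:0:0 1:2::3:ffff:ffff" <<EOF
1:2::3:4:5
1:2::2:ffff:ffff
1:2::3:0:0
1:2::3:ffff:ffff
1:2::4:0:0
EOF
```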
