diff options
-rw-r--r-- | lib/parse.c | 13 | ||||
-rw-r--r-- | tests/macipmap.t | 8 |
2 files changed, 16 insertions, 5 deletions
diff --git a/lib/parse.c b/lib/parse.c index 4db872e..be6e833 100644 --- a/lib/parse.c +++ b/lib/parse.c @@ -180,24 +180,27 @@ int ipset_parse_ether(struct ipset_session *session, enum ipset_opt opt, const char *str) { - unsigned int i = 0; + size_t len, p = 0, i = 0; unsigned char ether[ETH_ALEN]; assert(session); assert(opt == IPSET_OPT_ETHER); assert(str); - if (strlen(str) != ETH_ALEN * 3 - 1) + len = strlen(str); + + if (len > ETH_ALEN * 3 - 1) goto error; for (i = 0; i < ETH_ALEN; i++) { long number; char *end; - number = strtol(str + i * 3, &end, 16); + number = strtol(str + p, &end, 16); + p = end - str + 1; - if (end == str + i * 3 + 2 && - (*end == ':' || *end == '\0') && + if (((*end == ':' && i < ETH_ALEN - 1) || + (*end == '\0' && i == ETH_ALEN - 1)) && number >= 0 && number <= 255) ether[i] = number; else diff --git a/tests/macipmap.t b/tests/macipmap.t index 53b12fa..45783d6 100644 --- a/tests/macipmap.t +++ b/tests/macipmap.t @@ -44,6 +44,14 @@ 0 diff -u -I 'Size in memory.*' .foo macipmap.t.list0 # Range: Flush test set 0 ipset -F test +# Range: Catch invalid (too long) MAC +1 ipset -A test 2.0.0.2,00:11:22:33:44:55:66 +# Range: Catch invalid (too short) MAC +1 ipset -A test 2.0.0.2,00:11:22:33:44 +# Range: Add an element with MAC without leading zeros +0 ipset -A test 2.0.0.2,0:1:2:3:4:5 +# Range: Check element with MAC without leading zeros +0 ipset -T test 2.0.0.2,0:1:2:3:4:5 # Range: Delete test set 0 ipset -X test # Network: Try to create a set from an invalid network |