diff options
| author | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2014-01-06 16:59:33 +0000 |
|---|---|---|
| committer | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2014-01-06 16:59:33 +0000 |
| commit | 02c5329cc042d2f58a0af8920888f29d41c43c7b (patch) | |
| tree | 1621bc3dda8b084dbc557c31586f343e2bdea011 | |
| parent | 3acedc39adb56990a6241936814938afaf96b8bb (diff) | |
| download | rspamd-02c5329cc042d2f58a0af8920888f29d41c43c7b.tar.gz rspamd-02c5329cc042d2f58a0af8920888f29d41c43c7b.zip | |
Validate IP addresses before pushing them to lua.
| -rw-r--r-- | src/lua/lua_ip.c | 23 | ||||
| -rw-r--r-- | src/util.c | 23 | ||||
| -rw-r--r-- | src/util.h | 8 |
3 files changed, 45 insertions, 9 deletions
diff --git a/src/lua/lua_ip.c b/src/lua/lua_ip.c index a040901b8..014b35493 100644 --- a/src/lua/lua_ip.c +++ b/src/lua/lua_ip.c @@ -244,18 +244,23 @@ lua_ip_push (lua_State *L, int af, gpointer data) { struct rspamd_lua_ip *ip, **pip; - ip = g_slice_alloc (sizeof (struct rspamd_lua_ip)); - - ip->af = af; - if (af == AF_INET6) { - memcpy (&ip->data, data, sizeof (struct in6_addr)); + if (!rspamd_ip_is_valid (data, af)) { + lua_pushnil (L); } else { - memcpy (&ip->data, data, sizeof (struct in_addr)); + ip = g_slice_alloc (sizeof (struct rspamd_lua_ip)); + + ip->af = af; + if (af == AF_INET6) { + memcpy (&ip->data, data, sizeof (struct in6_addr)); + } + else { + memcpy (&ip->data, data, sizeof (struct in_addr)); + } + pip = lua_newuserdata (L, sizeof (struct rspamd_lua_ip *)); + lua_setclass (L, "rspamd{ip}", -1); + *pip = ip; } - pip = lua_newuserdata (L, sizeof (struct rspamd_lua_ip *)); - lua_setclass (L, "rspamd{ip}", -1); - *pip = ip; } void diff --git a/src/util.c b/src/util.c index 776e807d1..14af4b2bd 100644 --- a/src/util.c +++ b/src/util.c @@ -2440,6 +2440,29 @@ rspamd_prng_seed (void) g_random_set_seed (rand_seed); } +gboolean +rspamd_ip_is_valid (void *ptr, int af) +{ + const struct in_addr ip4_any = { INADDR_ANY }, ip4_none = { INADDR_NONE }; + const struct in6_addr ip6_any = IN6ADDR_ANY_INIT; + + gboolean ret = FALSE; + + if (G_LIKELY (af == AF_INET)) { + if (memcmp (ptr, &ip4_any, sizeof (struct in_addr)) != 0 && + memcmp (ptr, &ip4_none, sizeof (struct in_addr)) != 0) { + ret = TRUE; + } + } + else if (G_UNLIKELY (af == AF_INET6)) { + if (memcmp (ptr, &ip6_any, sizeof (struct in6_addr)) != 0) { + ret = TRUE; + } + } + + return ret; +} + /* * vi:ts=4 */ diff --git a/src/util.h b/src/util.h index c36587cab..910981986 100644 --- a/src/util.h +++ b/src/util.h @@ -462,4 +462,12 @@ void rspamd_prng_seed (void); */ void rspamd_random_bytes (gchar *buf, gsize buflen); +/** + * Check whether specified ip is valid (not INADDR_ANY or INADDR_NONE) for ipv4 or ipv6 + * @param ptr pointer to struct in_addr or struct in6_addr + * @param af address family (AF_INET or AF_INET6) + * @return TRUE if the address is valid + */ +gboolean rspamd_ip_is_valid (void *ptr, int af); + #endif |