X-Git-Url: http://git.ozlabs.org/?p=yaboot.git;a=blobdiff_plain;f=second%2Ffile.c;h=6b997b0589b0506155088d25d809eca41e02781b;hp=0ad981bbf99c4aaaf2ae8c3ddf076e5dbfb95e8f;hb=11f8168a5e7a6f966693e371697920e0be7abc0f;hpb=f91756b6306e4da8aef013c8b375b32c2c0c3a2f diff --git a/second/file.c b/second/file.c index 0ad981b..6b997b0 100644 --- a/second/file.c +++ b/second/file.c @@ -51,6 +51,42 @@ ipv4_to_str(__u32 ip) return buf; } +/* Ensure the string arg is a plausible IPv4 address */ +static char * is_valid_ipv4_str(char *str) +{ + int i; + long tmp; + __u32 ip = 0; + char *ptr=str, *endptr; + + if (str == NULL) + return NULL; + + for (i=0; i<4; i++, ptr = ++endptr) { + tmp = strtol(ptr, &endptr, 10); + if ((tmp & 0xff) != tmp) + return NULL; + + /* If we reach the end of the string but we're not in the 4th octet + * we have an invalid IP */ + if (*endptr == '\x0' && i!=3) + return NULL; + + /* If we have anything other than a NULL or '.' we have an invlaid + * IP */ + if (*endptr != '\x0' && *endptr != '.') + return NULL; + + ip += (tmp << (24-(i*8))); + } + + if (ip == 0 || ip == ~0u) + return NULL; + + return str; +} + + /* * Copy the string from source to dest till newline or comma(,) is seen * in the source. @@ -130,10 +166,10 @@ extract_ipv4_args(char *imagepath, struct boot_fspec_t *result) * read the arguments in order: siaddr,filename,ciaddr,giaddr, * bootp-retries,tftp-retries,addl_prameters */ - result->siaddr = scopy(&str, &args); + result->siaddr = is_valid_ipv4_str(scopy(&str, &args)); result->file = scopy(&str, &args); - result->ciaddr = scopy(&str, &args); - result->giaddr = scopy(&str, &args); + result->ciaddr = is_valid_ipv4_str(scopy(&str, &args)); + result->giaddr = is_valid_ipv4_str(scopy(&str, &args)); result->bootp_retries = scopy(&str, &args); result->tftp_retries = scopy(&str, &args); if (*args) {