From mboxrd@z Thu Jan  1 00:00:00 1970
From: Jonatan Schlag <jonatan.schlag@ipfire.org>
To: network@lists.ipfire.org
Subject: [network] [PATCH 4/4] pppoe-server: improve input validation
Date: Sat, 03 Jun 2017 13:25:10 +0200
Message-ID: <1496489110-10134-4-git-send-email-jonatan.schlag@ipfire.org>
In-Reply-To: <1496489110-10134-1-git-send-email-jonatan.schlag@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============5549551156793495891=="
List-Id: <network.lists.ipfire.org>

--===============5549551156793495891==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

We now check if the subnet, the mtu and the max-sessions valud is valid.

Signed-off-by: Jonatan Schlag <jonatan.schlag(a)ipfire.org>
---
 src/hooks/configs/pppoe-server | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/src/hooks/configs/pppoe-server b/src/hooks/configs/pppoe-server
index 1ef3ba9..6f95212 100644
--- a/src/hooks/configs/pppoe-server
+++ b/src/hooks/configs/pppoe-server
@@ -69,15 +69,30 @@ hook_new() {
 				;;
 			--max-sessions=3D*)
 				MAX_SESSIONS=3D$(cli_get_val ${1})
+				if ! isinteger ${MAX_SESSIONS} || ! [ ${MAX_SESSIONS} -ge 0 ]; then
+					error "Invalid value for '--max-session'. This value must be an integer=
 greate or eqal zero."
+					exit ${EXIT_ERROR}
+				fi
 				;;
 			--mtu=3D*)
 				MTU=3D$(cli_get_val ${1})
+				if ! mtu_is_valid "ipv4" ${MTU}; then
+					error "Invalid value for '--mtu'. Cannot be larger then 9000 or smaller=
 than 576"
+					exit ${EXIT_ERROR}
+				fi
 				;;
 			--service-name=3D*)
 				SERVICE_NAME=3D$(cli_get_val ${1})
 				;;
 			--subnet=3D*)
 				SUBNET=3D$(cli_get_val ${1})
+				if ! ipv4_net_is_valid "${SUBNET}"; then
+					error "Invalid IPv4 Subnet ${SUBNET}."
+					exit ${EXIT_ERROR}
+				fi
+				;;
+			*)
+				warning "Ignoring unknown option '${1}'"
 				;;
 		esac
 		shift
--=20
2.6.3


--===============5549551156793495891==--