net: do not allow resolving to an internal address

In order to prevent mixups, our internal range is never allowed as a resolve
result. This means that no user-provided string will ever be confused with an
internal address.
This commit is contained in:
Cory Fields 2017-06-13 17:26:50 -04:00
parent 7f31762cb6
commit 6d0bd5b73d
2 changed files with 12 additions and 2 deletions

View file

@ -108,17 +108,22 @@ bool static LookupIntern(const char *pszName, std::vector<CNetAddr>& vIP, unsign
struct addrinfo *aiTrav = aiRes; struct addrinfo *aiTrav = aiRes;
while (aiTrav != NULL && (nMaxSolutions == 0 || vIP.size() < nMaxSolutions)) while (aiTrav != NULL && (nMaxSolutions == 0 || vIP.size() < nMaxSolutions))
{ {
CNetAddr resolved;
if (aiTrav->ai_family == AF_INET) if (aiTrav->ai_family == AF_INET)
{ {
assert(aiTrav->ai_addrlen >= sizeof(sockaddr_in)); assert(aiTrav->ai_addrlen >= sizeof(sockaddr_in));
vIP.push_back(CNetAddr(((struct sockaddr_in*)(aiTrav->ai_addr))->sin_addr)); resolved = CNetAddr(((struct sockaddr_in*)(aiTrav->ai_addr))->sin_addr);
} }
if (aiTrav->ai_family == AF_INET6) if (aiTrav->ai_family == AF_INET6)
{ {
assert(aiTrav->ai_addrlen >= sizeof(sockaddr_in6)); assert(aiTrav->ai_addrlen >= sizeof(sockaddr_in6));
struct sockaddr_in6* s6 = (struct sockaddr_in6*) aiTrav->ai_addr; struct sockaddr_in6* s6 = (struct sockaddr_in6*) aiTrav->ai_addr;
vIP.push_back(CNetAddr(s6->sin6_addr, s6->sin6_scope_id)); resolved = CNetAddr(s6->sin6_addr, s6->sin6_scope_id);
}
/* Never allow resolving to an internal address. Consider any such result invalid */
if (!resolved.IsInternal()) {
vIP.push_back(resolved);
} }
aiTrav = aiTrav->ai_next; aiTrav = aiTrav->ai_next;

View file

@ -113,6 +113,11 @@ BOOST_AUTO_TEST_CASE(netbase_lookupnumeric)
BOOST_CHECK(TestParse("[::]:8333", "[::]:8333")); BOOST_CHECK(TestParse("[::]:8333", "[::]:8333"));
BOOST_CHECK(TestParse("[127.0.0.1]", "127.0.0.1:65535")); BOOST_CHECK(TestParse("[127.0.0.1]", "127.0.0.1:65535"));
BOOST_CHECK(TestParse(":::", "[::]:0")); BOOST_CHECK(TestParse(":::", "[::]:0"));
// verify that an internal address fails to resolve
BOOST_CHECK(TestParse("[fd6b:88c0:8724:1:2:3:4:5]", "[::]:0"));
// and that a one-off resolves correctly
BOOST_CHECK(TestParse("[fd6c:88c0:8724:1:2:3:4:5]", "[fd6c:88c0:8724:1:2:3:4:5]:65535"));
} }
BOOST_AUTO_TEST_CASE(onioncat_test) BOOST_AUTO_TEST_CASE(onioncat_test)