Skip to content

Gracefully handle IPv6 addresses in blocklist.conf#759

Merged
zakird merged 6 commits intomainfrom
phillip/handle-blocklist-ipv6
Dec 28, 2023
Merged

Gracefully handle IPv6 addresses in blocklist.conf#759
zakird merged 6 commits intomainfrom
phillip/handle-blocklist-ipv6

Conversation

@phillip-stephens
Copy link
Contributor

@phillip-stephens phillip-stephens commented Dec 27, 2023
edited by zakird
Loading

Fixes #756

Changes

  • added a function to check if a string was an IPv6 address or subnet

Testing

Tested that IPv4 addresses or subnets didn't trigger a log_fatal

Tested with the following IPv6 tests
With subnet mask

pstephens@scratch-04-a:~/zmap-ubuntu-dev$ sudo ./src/zmap -p 53 -r 128 -N 10 -b /etc/zmap/blocklist.conf
....
Dec 27 17:50:24.508 [FATAL] constraint: 2001:0db8:85a3::/48 IPv6 subnets are not supported

With compressed IPv6 address

pstephens@scratch-04-a:~/zmap-ubuntu-dev$ sudo ./src/zmap -p 53 -r 128 -N 10 -b /etc/zmap/blocklist.conf
...
Dec 27 17:50:38.421 [FATAL] constraint: 2001:0db8:85a3:: IPv6 subnets are not supported

With uncompressed IPv6 address

pstephens@scratch-04-a:~/zmap-ubuntu-dev$ sudo ./src/zmap -p 53 -r 128 -N 10 -b /etc/zmap/blocklist.conf
...
Dec 27 17:51:00.807 [FATAL] constraint: 2001:0db8:85a3:0000:0000:8a2e:0370:7334 IPv6 subnets are not supported

@phillip-stephens phillip-stephens linked an issue Dec 27, 2023 that may be closed by this pull request
Handle IPv6 addresses/subnets in blocklist.conf gracefully #756
Closed
zakird
zakird reviewed Dec 27, 2023
View reviewed changes
zakird
zakird reviewed Dec 27, 2023
View reviewed changes
zakird
zakird reviewed Dec 27, 2023
View reviewed changes
zakird
zakird reviewed Dec 27, 2023
View reviewed changes
zakird
zakird reviewed Dec 27, 2023
View reviewed changes
@phillip-stephens phillip-stephens marked this pull request as ready for review December 27, 2023 21:31
zakird
zakird requested changes Dec 27, 2023
View reviewed changes
lib/blocklist.c Outdated
// get length of string including the null-byte
int length = strlen(ip) + 1;
// don't modify the input string
char *new_str = strndup(ip, length);
Copy link
Member

@zakird zakird Dec 27, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't really understand the intent behind calling strlen and then passing that into strndup. This feels equivalent to using strdup. If you want to have a limited length, we should use strndup and check that the length is below a certain size using strnlen. Otherwise, we might as well just use strdup.

Copy link
Contributor Author

@phillip-stephens phillip-stephens Dec 28, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, not sure what I was thinking, strdup looks ideal for this.

lib/blocklist.c Outdated
// don't modify the input string
char *new_str = strndup(ip, length);
// check if there's a subnet maskChar
char *maskChar = strchr(new_str, '/');
Copy link
Member

@zakird zakird Dec 27, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you use one variable naming type in this function? We have both new_str and maskChar? :) I believe that the ZMap style guide says to use mask_char.

Copy link
Contributor Author

@phillip-stephens phillip-stephens Dec 28, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

😬 yikes yep, ofc

@phillip-stephens
Copy link
Contributor Author

phillip-stephens commented Dec 28, 2023

@zakird I've addressed your comments, re-tested on the scratch VM and it's looking good. Re-assigned back to you.

@zakird zakird merged commit 5070928 into main Dec 28, 2023
@zakird zakird deleted the phillip/handle-blocklist-ipv6 branch December 28, 2023 17:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@zakird zakird zakird approved these changes

Assignees

@zakird zakird

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Handle IPv6 addresses/subnets in blocklist.conf gracefully

2 participants

@phillip-stephens @zakird