From: kn Date: Tue, 10 Jul 2018 13:11:38 +0000 (+0000) Subject: Error out if -netmask/-prefixlen does not follow the destination parameter X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=ee347062cff4f4764fd047d5c8943b1de8e0eb10;p=openbsd Error out if -netmask/-prefixlen does not follow the destination parameter Since the address string comes last, `-prefixlen 56 2001:db8::' silently installs a route for /64 since that's the currently implied prefix length. The manual page already states that these options must follow the destination parameter in order to have any effect. Discussed at length with many OK benno sthen bluhm jca --- diff --git a/sbin/route/route.c b/sbin/route/route.c index 44e85724807..d66cca6044e 100644 --- a/sbin/route/route.c +++ b/sbin/route/route.c @@ -1,4 +1,4 @@ -/* $OpenBSD: route.c,v 1.216 2018/07/01 08:53:03 mpi Exp $ */ +/* $OpenBSD: route.c,v 1.217 2018/07/10 13:11:38 kn Exp $ */ /* $NetBSD: route.c,v 1.16 1996/04/15 18:27:05 cgd Exp $ */ /* @@ -448,6 +448,7 @@ newroute(int argc, char **argv) int key; uint8_t prio = 0; struct hostent *hp = NULL; + int sawdest = 0; if (uid) errx(1, "must be root to alter routing table"); @@ -579,6 +580,7 @@ newroute(int argc, char **argv) usage(1+*argv); ishost = getaddr(RTA_DST, af, *++argv, &hp); dest = *argv; + sawdest = 1; break; case K_LABEL: if (!--argc) @@ -586,6 +588,9 @@ newroute(int argc, char **argv) getlabel(*++argv); break; case K_NETMASK: + if (!sawdest) + errx(1, "-netmask must follow " + "destination parameter"); if (!--argc) usage(1+*argv); getaddr(RTA_NETMASK, af, *++argv, NULL); @@ -594,6 +599,9 @@ newroute(int argc, char **argv) forcenet++; break; case K_PREFIXLEN: + if (!sawdest) + errx(1, "-prefixlen must follow " + "destination parameter"); if (!--argc) usage(1+*argv); ishost = prefixlen(af, *++argv); @@ -633,6 +641,7 @@ newroute(int argc, char **argv) } else { if ((rtm_addrs & RTA_DST) == 0) { dest = *argv; + sawdest = 1; ishost = getaddr(RTA_DST, af, *argv, &hp); } else if ((rtm_addrs & RTA_GATEWAY) == 0) { gateway = *argv;