From b4073a760205f6c341425fe5dd28313e3a12f567 Mon Sep 17 00:00:00 2001
From: james
Date: Sat, 26 Jul 2008 23:08:29 +0000
Subject: Perform additional input validation on options pulled by client from server. Fixes --iproute vulnerability.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3126 e7ae566f-a301-0410-adde-c780ea21d3b5
---
 route.c | 54 ++++++++++++++++++++++++++++++++++++++----------------
 1 file changed, 38 insertions(+), 16 deletions(-)
(limited to 'route.c')
diff --git a/route.c b/route.c
index 5b7b036..bc312e8 100644
--- a/route.c
+++ b/route.c
@@ -139,43 +139,65 @@ get_special_addr (const struct route_special_addr *spec,
 in_addr_t *out,
 bool *status)
 {
- *status = true;
+ if (status)
+ *status = true;
 if (!strcmp (string, "vpn_gateway"))
 {
- if (spec->remote_endpoint_defined)
- *out = spec->remote_endpoint;
- else
+ if (spec)
 {
- msg (M_INFO, PACKAGE_NAME " ROUTE: vpn_gateway undefined");
- *status = false;
+ if (spec->remote_endpoint_defined)
+ *out = spec->remote_endpoint;
+ else
+ {
+ msg (M_INFO, PACKAGE_NAME " ROUTE: vpn_gateway undefined");
+ if (status)
+ *status = false;
+ }
 }
 return true;
 }
 else if (!strcmp (string, "net_gateway"))
 {
- if (spec->net_gateway_defined)
- *out = spec->net_gateway;
- else
+ if (spec)
 {
- msg (M_INFO, PACKAGE_NAME " ROUTE: net_gateway undefined -- unable to get default gateway from system");
- *status = false;
+ if (spec->net_gateway_defined)
+ *out = spec->net_gateway;
+ else
+ {
+ msg (M_INFO, PACKAGE_NAME " ROUTE: net_gateway undefined -- unable to get default gateway from system");
+ if (status)
+ *status = false;
+ }
 }
 return true;
 }
 else if (!strcmp (string, "remote_host"))
 {
- if (spec->remote_host_defined)
- *out = spec->remote_host;
- else
+ if (spec)
 {
- msg (M_INFO, PACKAGE_NAME " ROUTE: remote_host undefined");
- *status = false;
+ if (spec->remote_host_defined)
+ *out = spec->remote_host;
+ else
+ {
+ msg (M_INFO, PACKAGE_NAME " ROUTE: remote_host undefined");
+ if (status)
+ *status = false;
+ }
 }
 return true;
 }
 return false;
 }

+bool
+is_special_addr (const char *addr_str)
+{
+ if (addr_str)
+ return get_special_addr (NULL, addr_str, NULL, NULL);
+ else
+ return false;
+}
+
 static bool
 init_route (struct route *r,
 const struct route_option *ro,
-- 
cgit v1.2.3
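Review bot: When `spec` is NULL, each of the three keyword branches of get_special_addr now returns true with `*status` still true and `*out` never written, so a caller that passes a real `out` with a NULL `spec` would treat an unset address as valid. The only NULL-spec caller visible in this hunk is is_special_addr, which passes NULL for both `out` and `status`, so the problem is latent here; still, the contract should be explicit, either by giving each `if (spec)` an `else if (status) *status = false;` or by adding a header comment such as `/* spec == NULL: keyword check only, *out is not written */`. `out` is also the one pointer argument still dereferenced without a guard (`*out = spec->remote_endpoint;` and its two siblings), unlike `spec` and `status`. Since the commit is about validating server-pushed options, is_special_addr deserves a one-line comment saying it only tests whether the string is one of the three reserved keywords; the start of get_special_addr's signature lies above the hunk.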