route: error on IPv4 network routes with incorrect destination
ClosedPublic
Actions

Authored by karels on Jan 9 2024, 9:14 PM.

Details

Reviewers

emaste
melifaro

Commits

rG74e52718aa73: route: error on IPv4 network routes with incorrect destination
rG7e88d8fec4e8: route: error on IPv4 network routes with incorrect destination
rGb9e8ae1d8a42: route: error on IPv4 network routes with incorrect destination

Summary

Route destinations like 10/8 are most likely intended as a shorthand
for 10.0.0.0/8, but instead it means 0.0.0.10/8, which includes
only bits in the host part of the mask, and hence adds a route to
0.0.0.0/8. In 12.x, there was code to "do what I mean", which was
removed as part of a cleanup of old network class remnants. Given
that we have gone this long without that code, do not restore that
behavior. Instead, detect the issue and produce an error.
Specifically, if there are no dots in a numeric IPv4 address, the
mask is specified with CIDR notation (using a slash), and there are
bits set in the host part, produce an error like this for 10/8:

route: malformed address, bits set after mask; 10 means 0.0.0.10

PR: 258874
MFC after: 1 week

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

karels created this revision.Jan 9 2024, 9:14 PM

Herald added a subscriber: imp. · View Herald TranscriptJan 9 2024, 9:14 PM

karels requested review of this revision.Jan 9 2024, 9:14 PM

Harbormaster completed remote builds in B55339: Diff 132526.Jan 9 2024, 9:14 PM

Any comments on this, including the plan to MFC? I didn't reply to Ed's comment on the bug about possibly erroring on 15, and restoring the workaround on 13 and 14,. But I think it will have been long enough since this "worked" that people will have gotten used to the new behavior unless they stick with 12.4 until 13.3 is out.

melifaro accepted this revision.Jan 11 2024, 11:19 PM

This revision is now accepted and ready to land.Jan 11 2024, 11:19 PM

it's a bit cumbersome for me to understand the expression, you could extract it to a static inline helper if you wanted
but I'm fine with the logic of making the error explicit

I tried formatting the check as a separate function, and that doesn't help much. The main part of the expression (computing the host part) still doesn't fit on one line. I think I'll leave it as it is.

Use local variables to factor out parts of long expression, simplify

This revision now requires review to proceed.Jan 14 2024, 4:04 PM

Harbormaster completed remote builds in B55437: Diff 132754.Jan 14 2024, 4:04 PM

emaste accepted this revision.Jan 15 2024, 8:33 PM

This revision is now accepted and ready to land.Jan 15 2024, 8:33 PM

emaste added inline comments.Jan 15 2024, 8:36 PM

sbin/route/route.c
1355	style(9) provides an explicit exemption to the 80-column guide line for strings like this: Anything that is frequently grepped for, such as diagnostic, error, or panic messages, should not be broken up over multiple lines despite this rule. I don't think it's particularly important here (because a grep expression including the format string `%s` is unlikely) but think it would be fine to unrwap this string if you are so inclined

karels added inline comments.Jan 15 2024, 9:10 PM

sbin/route/route.c
1355	Thanks for the pointer. I would think that greps would look for "malformed address" or "bits set after mask", so I don't think I'll bother joining these.