From ec82644bd36045576768ee4443961422a9efee97 Mon Sep 17 00:00:00 2001 From: David Maloney Date: Thu, 18 Jul 2013 15:00:57 -0500 Subject: [PATCH] mo fixes mo specs SEERM #7536 SEERM #7537 --- lib/msf/core/option_container.rb | 8 +++++--- lib/rex/socket/range_walker.rb | 7 +++++-- .../core/option_container/optaddressrange_spec.rb | 12 ++++++++++++ spec/lib/rex/socket/range_walker_spec.rb | 10 ++++++++++ 4 files changed, 32 insertions(+), 5 deletions(-) diff --git a/lib/msf/core/option_container.rb b/lib/msf/core/option_container.rb index 9289b6fe4a..2df891b180 100644 --- a/lib/msf/core/option_container.rb +++ b/lib/msf/core/option_container.rb @@ -338,8 +338,8 @@ class OptAddress < OptBase # Covers a wierdcase where an incomplete ipv4 address will have it's # missing octets filled in with 0's. (e.g 192.168 become 192.0.0.168) # which does not feel like a legit behaviour - if value =~ /^(\d{1,3}\.*){1,3}$/ and getaddr_result.gsub('.0','') == value - return false + if value =~ /^\d{1,3}(\.\d{1,3}){1,3}$/ + return false unless value =~ Rex::Socket::MATCH_IPV4 end rescue return false @@ -384,7 +384,9 @@ class OptAddressRange < OptBase return false unless value.kind_of?(String) or value.kind_of?(NilClass) if (value != nil and value.empty? == false) - walker = Rex::Socket::RangeWalker.new(normalize(value)) + normalized = normalize(value) + return false if normalized.nil? + walker = Rex::Socket::RangeWalker.new(normalized) if (not walker or not walker.valid?) return false end diff --git a/lib/rex/socket/range_walker.rb b/lib/rex/socket/range_walker.rb index f8c57e95fc..16e2918cab 100644 --- a/lib/rex/socket/range_walker.rb +++ b/lib/rex/socket/range_walker.rb @@ -95,9 +95,12 @@ class RangeWalker return false if ip_part.nil? or ip_part.empty? or mask_part.nil? or mask_part.empty? return false if mask_part !~ /^[0-9]{1,2}$/ # Illegal mask -- numerals only return false if mask_part.to_i > 32 # This too -- between 0 and 32. + if ip_part =~ /^\d{1,3}(\.\d{1,3}){1,3}$/ + return false unless ip_part =~ Rex::Socket::MATCH_IPV4 + end begin - Rex::Socket.addr_atoi(ip_part) # This allows for "www.metasploit.com/24" which is fun. - rescue Resolv::ResolvError + Rex::Socket.getaddress(ip_part) # This allows for "www.metasploit.com/24" which is fun. + rescue Resolv::ResolvError, ::SocketError return false # Can't resolve the ip_part, so bail. end diff --git a/spec/lib/msf/core/option_container/optaddressrange_spec.rb b/spec/lib/msf/core/option_container/optaddressrange_spec.rb index bce4855926..d23ce203ed 100644 --- a/spec/lib/msf/core/option_container/optaddressrange_spec.rb +++ b/spec/lib/msf/core/option_container/optaddressrange_spec.rb @@ -70,6 +70,18 @@ describe Msf::OptAddressRange do optional_rhosts.valid?(nil).should == true end + it 'should return false for a range missing octets' do + subject.valid?('192.168/24').should == false + end + + it 'should return false for a range with too many octets' do + subject.valid?('192.168.1.2.0/24').should == false + end + + it 'should return true for a CIDR range' do + subject.valid?('192.168.1.0/24').should == true + end + end diff --git a/spec/lib/rex/socket/range_walker_spec.rb b/spec/lib/rex/socket/range_walker_spec.rb index 2b17421998..108c6b682d 100644 --- a/spec/lib/rex/socket/range_walker_spec.rb +++ b/spec/lib/rex/socket/range_walker_spec.rb @@ -28,6 +28,16 @@ describe Rex::Socket::RangeWalker do walker.should include("10.1.3.5") end + it 'should reject CIDR ranges with missing octets' do + walker = Rex::Socket::RangeWalker.new('192.168/24') + walker.should_not be_valid + end + + it 'should reject a CIDR range with too many octets' do + walker = Rex::Socket::RangeWalker.new('192.168.1.2.0/24') + walker.should_not be_valid + end + it "should default the lower bound of a range to 0" do walker = Rex::Socket::RangeWalker.new("10.1.3.-17") walker.should be_valid