cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From DaanHoogland <...@git.apache.org>
Subject [GitHub] cloudstack pull request: Cwe 190
Date Wed, 11 Nov 2015 10:49:33 GMT
Github user DaanHoogland commented on a diff in the pull request:

    https://github.com/apache/cloudstack/pull/1057#discussion_r44520633
  
    --- Diff: utils/src/main/java/com/cloud/utils/net/NetUtils.java ---
    @@ -869,31 +878,44 @@ public static boolean isNetworkAWithinNetworkB(final String cidrA,
final String
     
         public static Long[] cidrToLong(final String cidr) {
             if (cidr == null || cidr.isEmpty()) {
    -            return null;
    +            throw new CloudRuntimeException("empty cidr can not be converted to longs");
             }
             final String[] cidrPair = cidr.split("\\/");
             if (cidrPair.length != 2) {
    -            return null;
    +            throw new CloudRuntimeException("cidr is not formatted correctly: "+ cidr);
             }
             final String cidrAddress = cidrPair[0];
             final String cidrSize = cidrPair[1];
             if (!isValidIp(cidrAddress)) {
    -            return null;
    -        }
    -        int cidrSizeNum = -1;
    -
    -        try {
    -            cidrSizeNum = Integer.parseInt(cidrSize);
    -        } catch (final Exception e) {
    -            return null;
    +            throw new CloudRuntimeException("cidr is not bvalid in ip space" + cidr);
             }
    -        final long numericNetmask = 0xffffffff >> MAX_CIDR - cidrSizeNum <<
MAX_CIDR - cidrSizeNum;
    +        long cidrSizeNum = getCidrSizeFromString(cidrSize);
    +        final long numericNetmask = netMaskFromCidr(cidrSizeNum);
             final long ipAddr = ip2Long(cidrAddress);
             final Long[] cidrlong = {ipAddr & numericNetmask, (long)cidrSizeNum};
             return cidrlong;
     
         }
     
    +    /**
    +     * @param cidrSize
    +     * @return
    +     * @throws CloudRuntimeException
    +     */
    +    static long getCidrSizeFromString(final String cidrSize) throws CloudRuntimeException
{
    +        long cidrSizeNum = -1;
    +
    +        try {
    +            cidrSizeNum = Integer.parseInt(cidrSize);
    +        } catch (final NumberFormatException e) {
    +            throw new CloudRuntimeException("cidrsize is not a valid int: " + cidrSize,
e);
    +        }
    +        if(cidrSizeNum > 32 || cidrSizeNum < 0) {// assuming IPv4
    +            throw new CloudRuntimeException("cidr size out of range: " + cidrSizeNum);
    +        }
    +        return cidrSizeNum;
    +    }
    +
    --- End diff --
    
    I left it like this because the methods may have more use. They don't at the moment so
closing them of could be done. For now this is fine by me. i haven't looked at implicit tests
of these methods.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

Mime
View raw message