[pve-devel] [PATCH] Host IP validation using Net::IP

Damien PIQUET piqudam at gmail.com
Tue Feb 26 22:30:57 CET 2013 

Signed-off-by: Damien PIQUET <piqudam at gmail.com>
---
 PVE/API2/Network.pm |   52 +++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 52 insertions(+)

diff --git a/PVE/API2/Network.pm b/PVE/API2/Network.pm
index 979063c..ea0c734 100644
--- a/PVE/API2/Network.pm
+++ b/PVE/API2/Network.pm
@@ -12,6 +12,7 @@ use PVE::RPCEnvironment;
 use PVE::JSONSchema qw(get_standard_option);
 use PVE::AccessControl;
 use IO::File;
+use Net::IP qw(:PROC);
 
 use base qw(PVE::RESTHandler);
 
@@ -159,6 +160,53 @@ my $check_duplicate_gateway = sub {
     }
 };
 
+my $check_ipv4_settings = sub {
+    my ($param) = @_;
+
+    my %ipv4_mask_hash = (
+        '128.0.0.0' => 1,
+        '192.0.0.0' => 2,
+        '224.0.0.0' => 3,
+        '240.0.0.0' => 4,
+        '248.0.0.0' => 5,
+        '252.0.0.0' => 6,
+        '254.0.0.0' => 7,
+        '255.0.0.0' => 8,
+        '255.128.0.0' => 9,
+        '255.192.0.0' => 10,
+        '255.224.0.0' => 11,
+        '255.240.0.0' => 12,
+        '255.248.0.0' => 13,
+        '255.252.0.0' => 14,
+        '255.254.0.0' => 15,
+        '255.255.0.0' => 16,
+        '255.255.128.0' => 17,
+        '255.255.192.0' => 18,
+        '255.255.224.0' => 19,
+        '255.255.240.0' => 20,
+        '255.255.248.0' => 21,
+        '255.255.252.0' => 22,
+        '255.255.254.0' => 23,
+        '255.255.255.0' => 24,
+        '255.255.255.128' => 25,
+        '255.255.255.192' => 26,
+        '255.255.255.224' => 27,
+        '255.255.255.240' => 28,
+        '255.255.255.248' => 29,
+        '255.255.255.252' => 30
+    );
+
+    my $binip = Net::IP::ip_iptobin($param->{address}, 4);
+    my $binmask = Net::IP::ip_iptobin($param->{netmask}, 4);
+
+    my $binnetwork = $binip & $binmask;
+    my $network = Net::IP::ip_bintoip($binnetwork, 4);
+
+    my $ip = new Net::IP($network.'/'.$ipv4_mask_hash{$param->{netmask}}, 4);
+
+    raise_param_exc({ address => "$param->{address} is not a valid host ip address." })
+        if ($param->{address} eq $ip->ip()) || ($param->{address} eq $ip->last_ip());
+};
 
 __PACKAGE__->register_method({
     name => 'create_network', 
@@ -192,6 +240,8 @@ __PACKAGE__->register_method({
 	    &$check_duplicate_gateway($config, $iface)
 		if $param->{gateway};
 
+	    &$check_ipv4_settings($param);
+
 	    $param->{method} = $param->{address} ? 'static' : 'manual'; 
 
 	    $config->{$iface} = $param;
@@ -247,6 +297,8 @@ __PACKAGE__->register_method({
 	    &$check_duplicate_gateway($config, $iface)
 		if $param->{gateway};
 
+	    &$check_ipv4_settings($param);
+
 	    $param->{method} = $param->{address} ? 'static' : 'manual'; 
 
 	    foreach my $k (keys %$param) {
-- 
1.7.10.4

More information about the pve-devel mailing list