Merge pull request #90 from natesales/nsales/fix/maxlen-validation

fix: ROA maxLength bounds checks
cloudflare · Aug 19, 2021 · a8db4e0 · a8db4e0
2 parents 9abe2d3 + 433b9a5
commit a8db4e0
Show file tree

Hide file tree

Showing 2 changed files with 66 additions and 0 deletions.
diff --git a/validator/lib/roa.go b/validator/lib/roa.go
@@ -154,6 +154,17 @@ func (entry *ROAEntry) Validate() error {
 	if entry.MaxLength < s {
 		return errors.New(fmt.Sprintf("Max length (%v) is smaller than prefix length (%v)", entry.MaxLength, s))
 	}
+
+	if entry.MaxLength < 0 {
+		return fmt.Errorf("max length (%d) is less than 0", entry.MaxLength)
+	}
+
+	if entry.IPNet.IP.To4() != nil && entry.MaxLength > 32 { // If IPv4
+		return fmt.Errorf("max length (%d) too small for IPv4 prefix", entry.MaxLength)
+	} else if entry.MaxLength > 128 { // If IPv6
+		return fmt.Errorf("max length (%d) too small for IPv6 prefix", entry.MaxLength)
+	}
+
 	return nil
 }
 

diff --git a/validator/lib/roa_test.go b/validator/lib/roa_test.go
@@ -72,3 +72,58 @@ func TestEncodeROA(t *testing.T) {
 	_, err = dc.DecodeROA(entriesBytes)
 	assert.Nil(t, err)
 }
+
+func TestValidateROAEntry(t *testing.T) {
+	// Valid
+	_, ipnet, _ := net.ParseCIDR("192.0.2.0/24")
+	roaEntryValid := ROAEntry{
+		IPNet:     ipnet,
+		MaxLength: 24,
+	}
+
+	// Invalid (max length too small)
+	_, ipnet, _ = net.ParseCIDR("192.0.2.0/24")
+	roaEntryInvalidSmallMaxLength := ROAEntry{
+		IPNet:     ipnet,
+		MaxLength: 8,
+	}
+
+	// Invalid IPv4 (max length out of bounds)
+	_, ipnet, _ = net.ParseCIDR("192.0.2.0/24")
+	roaEntryInvalidLargeMaxLength := ROAEntry{
+		IPNet:     ipnet,
+		MaxLength: 128,
+	}
+
+	// Invalid IPv6 (max length out of bounds)
+	_, ipnet, _ = net.ParseCIDR("2001:db8::/128")
+	roaEntryInvalidv6LargeMaxLength := ROAEntry{
+		IPNet:     ipnet,
+		MaxLength: 130,
+	}
+
+	// Invalid (max length negative)
+	_, ipnet, _ = net.ParseCIDR("0.0.0.0/0")
+	roaEntryInvalidNegativeMaxLength := ROAEntry{
+		IPNet:     ipnet,
+		MaxLength: -1,
+	}
+
+	for _, tc := range []struct {
+		ROAEntry    ROAEntry
+		ShouldError bool
+	}{
+		{roaEntryValid, false},
+		{roaEntryInvalidSmallMaxLength, true},
+		{roaEntryInvalidLargeMaxLength, true},
+		{roaEntryInvalidv6LargeMaxLength, true},
+		{roaEntryInvalidNegativeMaxLength, true},
+	} {
+		err := tc.ROAEntry.Validate()
+		if !tc.ShouldError {
+			assert.Nil(t, err)
+		} else {
+			assert.NotNil(t, err)
+		}
+	}
+}