mem-pool: Reject the creation of unintentionally empty pools

If a base address is configured, we don't expect the pool to be empty,
so reject the creation (e.g. with the broadcast address as base).

References strongswan/strongswan#2205

diff --git a/src/libcharon/attributes/mem_pool.c b/src/libcharon/attributes/mem_pool.c
index 4cc0ce02a208a502518b4bb0ce5ceb2d2db20327..b2382c46d2c6e6942163922c6d6692165f714746 100644 (file)
--- a/src/libcharon/attributes/mem_pool.c
+++ b/src/libcharon/attributes/mem_pool.c
@@ -702,6 +702,13 @@ mem_pool_t *mem_pool_create(char *name, host_t *base, int bits)
                {       /* only serve the second address of the subnet */
                        this->size--;
                }
+               if (!this->size)
+               {
+                       DBG1(DBG_CFG, "virtual IP pool %H/%d is empty",
+                                base, addr_bits - bits);
+                       destroy(this);
+                       return NULL;
+               }
        }
        return &this->public;
 }

diff --git a/src/libcharon/plugins/load_tester/load_tester_config.c b/src/libcharon/plugins/load_tester/load_tester_config.c
index 58e1cd98a0b5771ac34fb08faa2bf959ac4c2735..d36d76392c620c0e88a55a9ba3dab86befa6cf4b 100644 (file)
--- a/src/libcharon/plugins/load_tester/load_tester_config.c
+++ b/src/libcharon/plugins/load_tester/load_tester_config.c
@@ -286,11 +286,20 @@ static void load_addrs(private_load_tester_config_t *this)
                                from = host_create_from_subnet(token, &bits);
                                if (from)
                                {
-                                       DBG1(DBG_CFG, "loaded load-tester address pool %H/%d on %s",
-                                                from, bits, iface);
                                        pool = mem_pool_create(iface, from, bits);
+                                       if (pool)
+                                       {
+                                               DBG1(DBG_CFG, "loaded load-tester address pool %H/%d "
+                                                        "on %s", from, bits, iface);
+                                               this->pools->insert_last(this->pools, pool);
+                                       }
+                                       else
+                                       {
+
+                                               DBG1(DBG_CFG, "invalid load-tester address pool %H/%d "
+                                                        "on %s, skipped", from, bits, iface);
+                                       }
                                        from->destroy(from);
-                                       this->pools->insert_last(this->pools, pool);
                                }
                                else
                                {

diff --git a/src/libcharon/tests/suites/test_mem_pool.c b/src/libcharon/tests/suites/test_mem_pool.c
index 4db448b4b10078f812f49a2c6ce3158ad96d8f31..8d87b6ad4640a69c87c0c4e3eb5505589008b046 100644 (file)
--- a/src/libcharon/tests/suites/test_mem_pool.c
+++ b/src/libcharon/tests/suites/test_mem_pool.c
@@ -153,13 +153,10 @@ START_TEST(test_cidr_offset)
        pool->destroy(pool);
        base->destroy(base);
 
-       /* due to size == 0 we get the requested IP back */
+       /* this results in an empty pool, which is rejected */
        base = host_create_from_string("192.168.0.255", 0);
        pool = mem_pool_create("test", base, 24);
-       ck_assert_int_eq(0, pool->get_size(pool));
-       assert_acquire(pool, "192.168.0.1", "192.168.0.1", MEM_POOL_NEW);
-       pool->destroy(pool);
-
+       ck_assert(!pool);
        base->destroy(base);
 }
 END_TEST