diff options
| author | Nick Mathewson <nickm@torproject.org> | 2014-11-12 13:44:57 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2014-11-12 13:44:57 -0500 |
| commit | 9b11dc36179e48bd39e57a9f3e0e26a25f50adfa (patch) | |
| tree | bac57730fde53f72349a7cf81145ddcb4b417d5b | |
| parent | 4ac5175109b14f8fafca3374ab5ca63968ab2cca (diff) | |
| parent | ecd16edafe5afbf00c5775d9f41457d4b015dc2c (diff) | |
| download | tor-9b11dc36179e48bd39e57a9f3e0e26a25f50adfa.tar.gz tor-9b11dc36179e48bd39e57a9f3e0e26a25f50adfa.zip | |
Merge remote-tracking branch 'public/bug7484'
Conflicts:
src/test/test_addr.c
| -rw-r--r-- | changes/bug7484 | 4 | ||||
| -rw-r--r-- | src/common/address.c | 5 | ||||
| -rw-r--r-- | src/test/test_addr.c | 3 |
3 files changed, 10 insertions, 2 deletions
diff --git a/changes/bug7484 b/changes/bug7484 new file mode 100644 index 0000000000..647992af05 --- /dev/null +++ b/changes/bug7484 @@ -0,0 +1,4 @@ + o Minor bugfixes: + - Stop allowing invalid address patterns containing both a wildcard + address and a bit prefix length. This affects all our + address-range parsing code. Fixes bug 7484; bugfix on 0.0.2pre14. diff --git a/src/common/address.c b/src/common/address.c index de5d3a6ff7..a3b5df66bc 100644 --- a/src/common/address.c +++ b/src/common/address.c @@ -723,6 +723,11 @@ tor_addr_parse_mask_ports(const char *s, /* XXXX_IP6 is this really what we want? */ bits = 96 + bits%32; /* map v4-mapped masks onto 96-128 bits */ } + if (any_flag) { + log_warn(LD_GENERAL, + "Found bit prefix with wildcard address; rejecting"); + goto err; + } } else { /* pick an appropriate mask, as none was given */ if (any_flag) bits = 0; /* This is okay whether it's V6 or V4 (FIX V4-mapped V6!) */ diff --git a/src/test/test_addr.c b/src/test/test_addr.c index a254a34e45..c9c47bdaee 100644 --- a/src/test/test_addr.c +++ b/src/test/test_addr.c @@ -654,7 +654,7 @@ test_addr_ip6_helpers(void *arg) tt_int_op(r, OP_EQ, -1); r=tor_addr_parse_mask_ports("*6",0,&t1, &mask, NULL, NULL); tt_int_op(r, OP_EQ, -1); -#if 0 + tt_assert(r == -1); /* Try a mask with a wildcard. */ r=tor_addr_parse_mask_ports("*/16",0,&t1, &mask, NULL, NULL); tt_assert(r == -1); @@ -664,7 +664,6 @@ test_addr_ip6_helpers(void *arg) r=tor_addr_parse_mask_ports("*6/30",TAPMP_EXTENDED_STAR, &t1, &mask, NULL, NULL); tt_assert(r == -1); -#endif /* Basic mask tests*/ r=tor_addr_parse_mask_ports("1.1.2.2/31",0,&t1, &mask, NULL, NULL); tt_assert(r == AF_INET); |