aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--changes/bug74844
-rw-r--r--src/common/address.c5
-rw-r--r--src/test/test_addr.c3
3 files changed, 10 insertions, 2 deletions
diff --git a/changes/bug7484 b/changes/bug7484
new file mode 100644
index 0000000000..647992af05
--- /dev/null
+++ b/changes/bug7484
@@ -0,0 +1,4 @@
+ o Minor bugfixes:
+ - Stop allowing invalid address patterns containing both a wildcard
+ address and a bit prefix length. This affects all our
+ address-range parsing code. Fixes bug 7484; bugfix on 0.0.2pre14.
diff --git a/src/common/address.c b/src/common/address.c
index de5d3a6ff7..a3b5df66bc 100644
--- a/src/common/address.c
+++ b/src/common/address.c
@@ -723,6 +723,11 @@ tor_addr_parse_mask_ports(const char *s,
/* XXXX_IP6 is this really what we want? */
bits = 96 + bits%32; /* map v4-mapped masks onto 96-128 bits */
}
+ if (any_flag) {
+ log_warn(LD_GENERAL,
+ "Found bit prefix with wildcard address; rejecting");
+ goto err;
+ }
} else { /* pick an appropriate mask, as none was given */
if (any_flag)
bits = 0; /* This is okay whether it's V6 or V4 (FIX V4-mapped V6!) */
diff --git a/src/test/test_addr.c b/src/test/test_addr.c
index a254a34e45..c9c47bdaee 100644
--- a/src/test/test_addr.c
+++ b/src/test/test_addr.c
@@ -654,7 +654,7 @@ test_addr_ip6_helpers(void *arg)
tt_int_op(r, OP_EQ, -1);
r=tor_addr_parse_mask_ports("*6",0,&t1, &mask, NULL, NULL);
tt_int_op(r, OP_EQ, -1);
-#if 0
+ tt_assert(r == -1);
/* Try a mask with a wildcard. */
r=tor_addr_parse_mask_ports("*/16",0,&t1, &mask, NULL, NULL);
tt_assert(r == -1);
@@ -664,7 +664,6 @@ test_addr_ip6_helpers(void *arg)
r=tor_addr_parse_mask_ports("*6/30",TAPMP_EXTENDED_STAR,
&t1, &mask, NULL, NULL);
tt_assert(r == -1);
-#endif
/* Basic mask tests*/
r=tor_addr_parse_mask_ports("1.1.2.2/31",0,&t1, &mask, NULL, NULL);
tt_assert(r == AF_INET);
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion