From ecd16edafe5afbf00c5775d9f41457d4b015dc2c Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Wed, 12 Feb 2014 15:59:04 -0500
Subject: Disallow "*/maskbits" as an address pattern.

Fixes bug 7484. We've had this bug back in a8eaa79e031ee04d44 in
0.0.2pre14, when we first started allowing address masks.
---
 src/common/address.c | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'src/common/address.c')

diff --git a/src/common/address.c b/src/common/address.c
index b9f2d93154..be41cc73ac 100644
--- a/src/common/address.c
+++ b/src/common/address.c
@@ -714,6 +714,11 @@ tor_addr_parse_mask_ports(const char *s,
         /* XXXX_IP6 is this really what we want? */
         bits = 96 + bits%32; /* map v4-mapped masks onto 96-128 bits */
       }
+      if (any_flag) {
+        log_warn(LD_GENERAL,
+                 "Found bit prefix with wildcard address; rejecting");
+        goto err;
+      }
     } else { /* pick an appropriate mask, as none was given */
       if (any_flag)
         bits = 0;  /* This is okay whether it's V6 or V4 (FIX V4-mapped V6!) */
-- 
cgit v1.2.3-54-g00ecf