Check CIDR ban IP address for validity.
Otherwise, we compare to uninitialized stack data. This is wrong but seems harmless. Closes #103
This commit is contained in:
parent
00fda7b7bd
commit
83e5941c87
1 changed files with 8 additions and 4 deletions
12
src/match.c
12
src/match.c
|
@ -397,8 +397,10 @@ int match_ips(const char *s1, const char *s2)
|
||||||
else
|
else
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
rb_inet_pton(aftype, address, ipptr);
|
if (rb_inet_pton(aftype, address, ipptr) <= 0)
|
||||||
rb_inet_pton(aftype, mask, maskptr);
|
return 0;
|
||||||
|
if (rb_inet_pton(aftype, mask, maskptr) <= 0)
|
||||||
|
return 0;
|
||||||
if (comp_with_mask(ipptr, maskptr, cidrlen))
|
if (comp_with_mask(ipptr, maskptr, cidrlen))
|
||||||
return 1;
|
return 1;
|
||||||
else
|
else
|
||||||
|
@ -471,8 +473,10 @@ int match_cidr(const char *s1, const char *s2)
|
||||||
else
|
else
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
rb_inet_pton(aftype, ip, ipptr);
|
if (rb_inet_pton(aftype, ip, ipptr) <= 0)
|
||||||
rb_inet_pton(aftype, ipmask, maskptr);
|
return 0;
|
||||||
|
if (rb_inet_pton(aftype, ipmask, maskptr) <= 0)
|
||||||
|
return 0;
|
||||||
if (comp_with_mask(ipptr, maskptr, cidrlen) && match(mask, address))
|
if (comp_with_mask(ipptr, maskptr, cidrlen) && match(mask, address))
|
||||||
return 1;
|
return 1;
|
||||||
else
|
else
|
||||||
|
|
Loading…
Reference in a new issue