Disallow "*/maskbits" as an address pattern.

Fixes bug 7484. We've had this bug back in a8eaa79e in 0.0.2pre14, when we first started allowing address masks.

Disallow "*/maskbits" as an address pattern.
ecd16eda · Nick Mathewson · 2c0088b8 · ecd16eda · ecd16eda · ecd16eda
Commit ecd16eda authored 11 years ago by Nick Mathewson
--- a/changes/bug7484
+++ b/changes/bug7484
+  o Minor bugfixes:
+    - Stop allowing invalid address patterns containing both a wildcard
+      address and a bit prefix length. This affects all our
+      address-range parsing code. Fixes bug 7484; bugfix on 0.0.2pre14.
--- a/src/common/address.c
+++ b/src/common/address.c
@@ -714,6 +714,11 @@ tor_addr_parse_mask_ports(const char *s,
        /* XXXX_IP6 is this really what we want? */
        bits = 96 + bits%32; /* map v4-mapped masks onto 96-128 bits */
      }
+      if (any_flag) {
+        log_warn(LD_GENERAL,
+                 "Found bit prefix with wildcard address; rejecting");
+        goto err;
+      }
    } else { /* pick an appropriate mask, as none was given */
      if (any_flag)
        bits = 0;  /* This is okay whether it's V6 or V4 (FIX V4-mapped V6!) */

--- a/src/test/test_addr.c
+++ b/src/test/test_addr.c
@@ -646,7 +646,6 @@ test_addr_ip6_helpers(void)
  test_assert(r == -1);
  r=tor_addr_parse_mask_ports("*6",0,&t1, &mask, NULL, NULL);
  test_assert(r == -1);
-#if 0
  /* Try a mask with a wildcard. */
  r=tor_addr_parse_mask_ports("*/16",0,&t1, &mask, NULL, NULL);
  test_assert(r == -1);
@@ -656,7 +655,6 @@ test_addr_ip6_helpers(void)
  r=tor_addr_parse_mask_ports("*6/30",TAPMP_EXTENDED_STAR,
                              &t1, &mask, NULL, NULL);
  test_assert(r == -1);
-#endif
  /* Basic mask tests*/
  r=tor_addr_parse_mask_ports("1.1.2.2/31",0,&t1, &mask, NULL, NULL);
  test_assert(r == AF_INET);