Skip to content

onion-tunnel: Handle IP address exhaustion

Clara Engler requested to merge cve/onionmasq:dev/cve/dns-exhaustion into main

This commit modifies the make_for_v4 and make_for_v6 address generation to check for an address space exhaustion (e.g. all 2^24 IPv4 addresses are assigned) as well as for a duplication, in which case it will continue to do random address generation.

The exhaustion check does not take place for IPv6 however, as other operating system limits are more likely to be reached before this event, such as an out of memory error.

It also adds a (slow) test, that tests the IPv4 address exhaustion.

Merge request reports

Loading