onion-tunnel: Handle IP address exhaustion (!297) · Merge requests · The Tor Project / Core / onionmasq

Clara Engler requested to merge cve/onionmasq:dev/cve/dns-exhaustion into main Oct 09, 2024

This commit modifies the make_for_v4 and make_for_v6 address generation to check for an address space exhaustion (e.g. all 2^24 IPv4 addresses are assigned) as well as for a duplication, in which case it will continue to do random address generation.

The exhaustion check does not take place for IPv6 however, as other operating system limits are more likely to be reached before this event, such as an out of memory error.

It also adds a (slow) test, that tests the IPv4 address exhaustion.

onion-tunnel: Handle IP address exhaustion

Merge request reports