OSSForks/node
1
0
Fork 0
mirror of https://github.com/zebrajr/node.git synced 2026-01-15 12:15:26 +00:00
Code Issues Actions 8 Packages Projects Releases Wiki Activity

net: prevent /32 ipv4 mask from matching all ips

Browse Source 
Fixes: https://github.com/nodejs/node/issues/43360

PR-URL: https://github.com/nodejs/node/pull/43381
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
This commit is contained in:
supriyo-biswas
2022-06-25 18:17:27 +05:30
committed by GitHub
parent d96a2ea615
commit b6bc44f8bc
2 changed files with 12 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/node_sockaddr.cc
View File

@@ -215,7 +215,7 @@ bool in_network_ipv4(
const SocketAddress& ip,
const SocketAddress& net,
int prefix) {
uint32_t mask = ((1 << prefix) - 1) << (32 - prefix);
uint32_t mask = ((1ull << prefix) - 1) << (32 - prefix);
const sockaddr_in* ip_in =
reinterpret_cast<const sockaddr_in*>(ip.data());
@@ -293,7 +293,7 @@ bool in_network_ipv6_ipv4(
if (prefix == 32)
return compare_ipv4_ipv6(net, ip) == SocketAddress::CompareResult::SAME;
uint32_t m = ((1 << prefix) - 1) << (32 - prefix);
uint32_t m = ((1ull << prefix) - 1) << (32 - prefix);
const sockaddr_in6* ip_in =
reinterpret_cast<const sockaddr_in6*>(ip.data());

10
test/parallel/test-blocklist.js
View File

@@ -272,3 +272,13 @@ const util = require('util');
const ret = util.inspect(blockList, { depth: null });
assert(ret.includes('rules: []'));
}
{
// Test for https://github.com/nodejs/node/issues/43360
const blocklist = new BlockList();
blocklist.addSubnet('1.1.1.1', 32, 'ipv4');
assert(blocklist.check('1.1.1.1'));
assert(!blocklist.check('1.1.1.2'));
assert(!blocklist.check('2.3.4.5'));
}