Mercurial > hg > nginx
changeset 4573:98a2518a98dc
In ngx_ptocidr(), check that the supplied prefix length is within
the allowed range.
author | Ruslan Ermilov <ru@nginx.com> |
---|---|
date | Tue, 03 Apr 2012 08:22:00 +0000 |
parents | 67653855682e |
children | b1ba43f905f8 |
files | src/core/ngx_inet.c |
diffstat | 1 files changed, 7 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/src/core/ngx_inet.c Tue Apr 03 07:37:31 2012 +0000 +++ b/src/core/ngx_inet.c Tue Apr 03 08:22:00 2012 +0000 @@ -407,6 +407,10 @@ #if (NGX_HAVE_INET6) case AF_INET6: + if (shift > 128) { + return NGX_ERROR; + } + addr = cidr->u.in6.addr.s6_addr; mask = cidr->u.in6.mask.s6_addr; rc = NGX_OK; @@ -428,6 +432,9 @@ #endif default: /* AF_INET */ + if (shift > 32) { + return NGX_ERROR; + } if (shift) { cidr->u.in.mask = htonl((ngx_uint_t) (0 - (1 << (32 - shift))));