ircd-seven icon indicating copy to clipboard operation
ircd-seven copied to clipboard
verified publisher icon freenode

/kline parses strange cidr masks as their upper limits instead of rejecting

Open AbstractBeliefs opened this issue 8 years ago • 2 comments

See #111 and its fix, #112 .

We should probably reject these klines rather than the current safe-but-incorrect behaviour.

AbstractBeliefs avatar Nov 29 '17 02:11 AbstractBeliefs

As mentioned in #112, the main issue right now is that the parse_netmask() function used in src/hostmask.c returns only varying kinds of success, and has no way to indicate failure. Some work will need to go into updating the calling code of these functions to accept a failure value and do the right thing.

AbstractBeliefs avatar Nov 29 '17 02:11 AbstractBeliefs

Also, per https://github.com/freenode/ircd-seven/pull/112#issuecomment-348018131,

There appears to be an integer underflow with large negative numbers (n-2^32). Example: @1.2.3.4/-4294967296 (n=0) matches all IPv4 on testnet.

ilbelkyr avatar Feb 28 '18 22:02 ilbelkyr