path: root/main/lighttpd/0003-fix-bad-shift-in-conditional-netmask-.-0-handling.patch
blob: 0a3b51f34284eef8f98e90ddacca365482b2b139 (plain)
From f8f335150675ed8f5d1cf3edadf74f7f6685f606 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Stefan=20B=C3=BChler?= <stbuehler@web.de>
Date: Mon, 14 Apr 2014 16:12:11 +0000
Subject: [PATCH 03/29] fix bad shift in conditional netmask ".../0" handling
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

config conditionals like $HTTP["remoteip"] == "a.b.c.d/0" (or completely
broken netmasks) triggered bad shifts. Matching against "/0" is not very
useful though - it is always true.

From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2963 152afb58-edef-0310-8abb-c4023f1b3aa9
---
 NEWS                  | 1 +
 src/configfile-glue.c | 8 +++++++-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/NEWS b/NEWS
index e82b90b..780f4c6 100644
--- a/NEWS
+++ b/NEWS
@@ -5,6 +5,7 @@ NEWS
 
 - 1.4.36
   * use keep-alive timeout while waiting for HTTP headers; use always the read timeout while waiting for the HTTP body
+  * fix bad shift in conditional netmask ".../0" handling
 
 - 1.4.35 - 2014-03-12
   * [network/ssl] fix build error if TLSEXT is disabled
diff --git a/src/configfile-glue.c b/src/configfile-glue.c
index 3efa46a..9f24dcb 100644
--- a/src/configfile-glue.c
+++ b/src/configfile-glue.c
@@ -357,6 +357,12 @@ static cond_result_t config_check_cond_nocache(server *srv, connection *con, dat
 				return COND_RESULT_FALSE;
 			}
 
+			if (nm_bits > 32 || nm_bits < 0) {
+				log_error_write(srv, __FILE__, __LINE__, "sbs", "ERROR: invalid netmask:", dc->string, err);
+
+				return COND_RESULT_FALSE;
+			}
+
 			/* take IP convert to the native */
 			buffer_copy_string_len(srv->cond_check_buf, dc->string->ptr, nm_slash - dc->string->ptr);
 #ifdef __WIN32
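Review bot: The new range check returns `COND_RESULT_FALSE` without looking at `dc->cond`, so a conditional written with `!=` and a broken netmask is skipped exactly like one written with `==`. If that block carries an access restriction, the restriction silently does not apply, and the only sign is the logged error line. The check sits in config_check_cond_nocache, which takes a `connection *` and so appears to run per request; rejecting the netmask when the configuration is loaded would turn the typo into a startup failure instead (that code is outside this hunk, so this is a suggestion rather than a quoted change). At minimum, a comment above the check would record the behaviour: `/* invalid netmask: condition is FALSE for == and != alike, so the guarded block is skipped */`. The trailing `err` argument is presumably an empty string here if the check just above the hunk already rejects non-digit input, in which case it can be dropped from the log call.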
@@ -375,7 +381,7 @@ static cond_result_t config_check_cond_nocache(server *srv, connection *con, dat
 #endif
 
 			/* build netmask */
-			nm = htonl(~((1 << (32 - nm_bits)) - 1));
+			nm = nm_bits ? htonl(~((1 << (32 - nm_bits)) - 1)) : 0;
 
 			if ((val_inp.s_addr & nm) == (con->dst_addr.ipv4.sin_addr.s_addr & nm)) {
 				return (dc->cond == CONFIG_COND_EQ) ? COND_RESULT_TRUE : COND_RESULT_FALSE;
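Review bot: The shift on the new `nm = ...` line is still evaluated on a signed `int`, so with a 32-bit `int` a netmask of "/1" computes `1 << 31`, which is not representable, and the following `- 1` overflows. That is undefined behaviour of the same kind as the "/0" case this line fixes. Making the constant unsigned keeps every value admitted by the range check added earlier in this commit (1..32) well defined: `nm = nm_bits ? htonl(~((1u << (32 - nm_bits)) - 1)) : 0;`. The function body continues outside the hunk, so the declared types of `nm` and `nm_bits` should be confirmed there.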
-- 
2.4.5