From 622050cd0a96f3e101c345cd547ee00a5d431aeb Mon Sep 17 00:00:00 2001 From: brain Date: Sun, 6 Aug 2006 16:16:07 +0000 Subject: Extra safety checks git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@4733 e03df62e-2008-0410-955e-edbf42e46eb7 --- src/socket.cpp | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'src/socket.cpp') diff --git a/src/socket.cpp b/src/socket.cpp index 14fe580ad..276ccb270 100644 --- a/src/socket.cpp +++ b/src/socket.cpp @@ -39,6 +39,7 @@ char inverted_bits[8] = { 0x00, /* 00000000 - 0 bits */ 0xFE /* 11111110 - 7 bits */ }; +/* Match raw bytes using CIDR bit matching, used by higher level MatchCIDR() */ bool MatchCIDRBits(unsigned char* address, unsigned char* mask, unsigned int mask_bits) { unsigned int modulus = mask_bits % 8; /* Number of whole bytes in the mask */ @@ -58,6 +59,10 @@ bool MatchCIDRBits(unsigned char* address, unsigned char* mask, unsigned int mas return true; } +/* Match CIDR strings, e.g. 127.0.0.1 to 127.0.0.0/8 or 3ffe:1:5:6::8 to 3ffe:1::0/32 + * If you have a lot of hosts to match, youre probably better off building your mask once + * and then using the lower level MatchCIDRBits directly. + */ bool MatchCIDR(const char* address, const char* cidr_mask) { unsigned char addr_raw[16]; @@ -75,6 +80,11 @@ bool MatchCIDR(const char* address, const char* cidr_mask) bits = atoi(bits_chars + 1); *bits_chars = 0; } + else + { + /* No 'number of bits' field! */ + return false; + } #ifdef SUPPORT_IP6LINKS in6_addr address_in6; -- cgit v1.2.3