X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fm_dnsbl.cpp;h=732717ff3dc08ea7704f956f41a0e7961c45d94f;hb=12a47e788b3eba8e395abdd46c2dc91692b9b292;hp=73ecd02a6c919af8907e5a7cf12498d5d5277fd9;hpb=0b0b8d9e06139d41ebf7e304fe8b80bf1fae6448;p=user%2Fhenk%2Fcode%2Finspircd.git

diff --git a/src/modules/m_dnsbl.cpp b/src/modules/m_dnsbl.cpp
index 73ecd02a6..732717ff3 100644
--- a/src/modules/m_dnsbl.cpp
+++ b/src/modules/m_dnsbl.cpp
@@ -35,7 +35,7 @@ class DNSBLConfEntry : public refcountbase
 		EnumBanaction banaction;
 		EnumType type;
 		long duration;
-		int bitmask;
+		unsigned int bitmask;
 		unsigned char records[256];
 		unsigned long stats_hits, stats_misses;
 		DNSBLConfEntry(): type(A_BITMASK),duration(86400),bitmask(0),stats_hits(0), stats_misses(0) {}
@@ -70,6 +70,14 @@ class DNSBLResolver : public DNS::Request
 		if (!ans_record)
 			return;
 
+		// All replies should be in 127.0.0.0/8
+		if (ans_record->rdata.compare(0, 4, "127.") != 0)
+		{
+			ServerInstance->SNO->WriteGlobalSno('a', "DNSBL: %s returned address outside of acceptable subnet 127.0.0.0/8: %s", ConfEntry->domain.c_str(), ans_record->rdata.c_str());
+			ConfEntry->stats_misses++;
+			return;
+		}
+
 		int i = countExt.get(them);
 		if (i)
 			countExt.set(them, i - 1);
@@ -80,7 +88,7 @@ class DNSBLResolver : public DNS::Request
 		bool match = false;
 		in_addr resultip;
 
-		inet_aton(ans_record->rdata.c_str(), &resultip);
+		inet_pton(AF_INET, ans_record->rdata.c_str(), &resultip);
 
 		switch (ConfEntry->type)
 		{
@@ -175,7 +183,7 @@ class DNSBLResolver : public DNS::Request
 					if (ServerInstance->XLines->AddLine(zl,NULL))
 					{
 						std::string timestr = InspIRCd::TimeString(zl->expiry);
-						ServerInstance->SNO->WriteGlobalSno('x',"Z:line added due to DNSBL match on *@%s to expire on %s: %s",
+						ServerInstance->SNO->WriteGlobalSno('x',"Z:line added due to DNSBL match on %s to expire on %s: %s",
 							them->GetIPString().c_str(), timestr.c_str(), reason.c_str());
 						ServerInstance->XLines->ApplyLines();
 					}
@@ -271,7 +279,7 @@ class ModuleDNSBL : public Module
 			if (tag->getString("type") == "bitmask")
 			{
 				e->type = DNSBLConfEntry::A_BITMASK;
-				e->bitmask = tag->getInt("bitmask");
+				e->bitmask = tag->getInt("bitmask", 0, 0, UINT_MAX);
 			}
 			else
 			{