make vhost "looks like a CIDR" check more precise #920

jesopo · 2024-02-21T10:39:30Z

i don't know if this code was intentionally very imprecise but it's blocking a cloak we'd like to use that is quite obviously fine

dwfreed · 2024-02-23T22:55:18Z

libathemecore/services.c

+		p++;
+	// if we found a /, and are now at the end of the vhost, that
+	// means we found no non-digits, so it looks too much like a CIDR
+	if (p2 != NULL && p[1] == '\0')


This doesn't need storing a second copy of the strrchr return value. If the return value was NULL then p will still be NULL here; if the return value was not NULL then p will never be NULL either.

jesopo · 2024-02-25T20:10:10Z

this PR may be a no-go anyway as it'd apparently require us to audit all the IRCds atheme can link with

jesopo force-pushed the jess/less-bad-cidr-check branch 3 times, most recently from 61333cd to 955cbd8 Compare February 21, 2024 10:48

make vhost "looks like a CIDR" check more precise

bd119ca

jesopo force-pushed the jess/less-bad-cidr-check branch from 955cbd8 to bd119ca Compare February 21, 2024 21:06

dwfreed suggested changes Feb 23, 2024

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

make vhost "looks like a CIDR" check more precise #920

make vhost "looks like a CIDR" check more precise #920

jesopo commented Feb 21, 2024

dwfreed Feb 23, 2024 •

edited

jesopo commented Feb 25, 2024

make vhost "looks like a CIDR" check more precise #920

Are you sure you want to change the base?

make vhost "looks like a CIDR" check more precise #920

Conversation

jesopo commented Feb 21, 2024

dwfreed Feb 23, 2024 • edited

Choose a reason for hiding this comment

jesopo commented Feb 25, 2024

dwfreed Feb 23, 2024 •

edited