TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-10-29 07:09:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

control/controlclient: don't crash on invalid filter CIDR from server

Browse Source 
Fixes #691
This commit is contained in:
Brad Fitzpatrick
2020-08-17 07:56:03 -07:00
parent e64ab89712
commit 337c86b89d
2 changed files with 46 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
control/controlclient/filter.go
View File

@@ -7,6 +7,7 @@ package controlclient
import (
"fmt"
"net"
"tailscale.com/tailcfg"
"tailscale.com/wgengine/filter"
)
@@ -26,6 +27,9 @@ func parseIP(host string, defaultBits int) (filter.Net, error) {
if ip == nil || len(ip) != 4 {
return filter.NetNone, fmt.Errorf("ports=%#v: invalid IPv4 address", host)
}
if len(ip) == 4 && (defaultBits < 0 || defaultBits > 32) {
return filter.NetNone, fmt.Errorf("invalid CIDR size %d for host %q", defaultBits, host)
}
return filter.Net{
IP: filter.NewIP(ip),
Mask: filter.Netmask(defaultBits),