Urs Weiss wrote:
> Hi Nigel
>
> I found another "bug" (not really a bug, more usability)
>
> I recognized that after i imported my whitelist directly into the
> database. Somehow there was an invalid entry in there. First thought
> that can not happen when using the interface (because the address is
> checked then), but it's also possible with the interface.
>
> Adding an entry like "127.0/24" (or whatever, can also add "sdfsdf") the
> mail processing stops with a "450 - Recipient address rejected" and
> "Failed to parse address".
>
> An invalid IP address should be skipped, and not make the check fail,
> and should also be checked by the web interface.
Hi Urs,
Please try out the attached patch and let us know if it solves the problem.
- Robert
Index: cbp/system.pm
===================================================================
--- cbp/system.pm (revision 479)
+++ cbp/system.pm (working copy)
@@ -113,13 +113,32 @@
sub parseCIDR
{
my $cidr = shift;
-
+
# Regex CIDR
- if ($cidr =~ /^(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})(?:\/(\d{1,2}))?$/) {
- my $ip = $1;
- my $mask = ( defined($2) && $2 >= 1 && $2 <= 32 ) ? $2 : 32;
+ if ($cidr =~ /^(\d{1,3})(?:\.(\d{1,3})(?:\.(\d{1,3})(?:\.(\d{1,3}))?)?)?(?:\/(\d{1,2}))?$/) {
+ # Strip any ip blocks and mask from string
+ my ($a,$b,$c,$d,$mask) = ($1,$2,$3,$4,$5);
+ # Set undefined ip blocks and mask if missing
+ if (!defined($b)) {
+ $b = 0;
+ $mask = 8 if !defined($mask);
+ }
+ if (!defined($c)) {
+ $c = 0;
+ $mask = 16 if !defined($mask);
+ }
+ if (!defined($d)) {
+ $d = 0;
+ $mask = 24 if !defined($mask);
+ }
+ # Default mask
+ $mask = ( defined($mask) && $mask >= 1 && $mask <= 32 ) ? $mask : 32;
+
+ # Build ip
+ my $ip = "$a.$b.$c.$d";
+
# Pull long for IP we going to test
my $ip_long = ip_to_long($ip);
# Convert mask to longs
_______________________________________________
Users mailing list
[email protected]
http://lists.policyd.org/mailman/listinfo/users
