auth: If allow_nets has an invalid value, don't attempt to compare it anymore.

This fixes a potential crash because net_is_in_network() was called with
garbage net_ip.

diff --git a/src/auth/auth-request.c b/src/auth/auth-request.c
index 95dfe1e44b323006f1389edeaf760ef12ae6e80c..9d9d2274c50f5f1fb36972cdcbb10393676510d0 100644 (file)
--- a/src/auth/auth-request.c
+++ b/src/auth/auth-request.c
@@ -1343,10 +1343,8 @@ auth_request_validate_networks(struct auth_request *request,
                if (net_parse_range(*net, &net_ip, &bits) < 0) {
                        auth_request_log_info(request, AUTH_SUBSYS_DB,
                                "%s: Invalid network '%s'", name, *net);
-               }
-
-               if (remote_ip->family != 0 &&
-                   net_is_in_network(remote_ip, &net_ip, bits)) {
+               } else if (remote_ip->family != 0 &&
+                          net_is_in_network(remote_ip, &net_ip, bits)) {
                        found = TRUE;
                        break;
                }