From: Victor Julien <victor@inliniac.net>
Date: Sat, 11 Apr 2020 11:54:00 +0000 (+0200)
Subject: detect/iponly: fix parsing of '0' valued netmask
X-Git-Tag: suricata-5.0.3~52
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f1201453aa32e7b226c0a7be3936300f6f143e6c;p=thirdparty%2Fsuricata.git

detect/iponly: fix parsing of '0' valued netmask

(cherry picked from commit 4d50eb1647709c9f2b8809f91b2af67be99ce4ab)
---

diff --git a/src/detect-engine-iponly.c b/src/detect-engine-iponly.c
index e3d8b21552..dfedd3f9e5 100644
--- a/src/detect-engine-iponly.c
+++ b/src/detect-engine-iponly.c
@@ -178,12 +178,14 @@ static int IPOnlyCIDRItemParseSingle(IPOnlyCIDRItem *dd, const char *str)
 
                 netmask = in.s_addr;
 
-                /* Extract cidr netmask */
-                while ((0x01 & netmask) == 0) {
-                    dd->netmask++;
-                    netmask = netmask >> 1;
+                if (netmask != 0) {
+                    /* Extract cidr netmask */
+                    while ((0x01 & netmask) == 0) {
+                        dd->netmask++;
+                        netmask = netmask >> 1;
+                    }
+                    dd->netmask = 32 - dd->netmask;
                 }
-                dd->netmask = 32 - dd->netmask;
             }
 
             r = inet_pton(AF_INET, ip, &in);