From efe7a65eadf682858b522d173119322dfd29a4c0 Mon Sep 17 00:00:00 2001 From: Victor Julien Date: Sat, 13 Feb 2021 16:54:56 +0100 Subject: [PATCH] detect/iprep: fix loading of mixed ipv4/ipv6 lists Improper reuse of the address data structure between loading different lines in the iprep file would lead to the host using a malformed address. (cherry picked from commit 7b03e6837e5a7366f546e7a2b681d2921ded1ab1) --- src/reputation.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/src/reputation.c b/src/reputation.c index eaba62119c..95f56532d6 100644 --- a/src/reputation.c +++ b/src/reputation.c @@ -435,9 +435,6 @@ static int SRepLoadFile(SRepCIDRTree *cidr_ctx, char *filename) int SRepLoadFileFromFD(SRepCIDRTree *cidr_ctx, FILE *fp) { char line[8192] = ""; - Address a; - memset(&a, 0x00, sizeof(a)); - a.family = AF_INET; while(fgets(line, (int)sizeof(line), fp) != NULL) { size_t len = strlen(line); @@ -459,6 +456,10 @@ int SRepLoadFileFromFD(SRepCIDRTree *cidr_ctx, FILE *fp) line[len - 1] = '\0'; } + Address a; + memset(&a, 0x00, sizeof(a)); + a.family = AF_INET; + uint8_t cat = 0, value = 0; int r = SRepSplitLine(cidr_ctx, line, &a, &cat, &value); if (r < 0) { -- 2.47.2