From 361086005ca70d8acce55f140a701b0b3a90e48c Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Wed, 29 Oct 2008 13:29:54 +0000 Subject: [PATCH] Fix a possible negative shift in address comparison. May fix bug 845 and bug 811 svn:r17169 --- ChangeLog | 2 ++ src/common/address.c | 2 ++ 2 files changed, 4 insertions(+) diff --git a/ChangeLog b/ChangeLog index f854b76fa8..823dba958b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -41,6 +41,8 @@ Changes in version 0.2.1.7-alpha - 2008-10-xx prevent possible guess-the-streamid injection attacks from intermediate hops. Fixes another case of bug 446. Based on patch from rovv. + - Avoid using a negative right-shift when comparing 32-bit + addresses. Possible fix for bug 845 and bug 811. Changes in version 0.2.1.6-alpha - 2008-09-30 diff --git a/src/common/address.c b/src/common/address.c index 2a2924a756..d6b64828c1 100644 --- a/src/common/address.c +++ b/src/common/address.c @@ -686,6 +686,8 @@ tor_addr_compare_masked(const tor_addr_t *addr1, const tor_addr_t *addr2, case AF_INET: { uint32_t a1 = ntohl(addr1->addr.in_addr.s_addr); uint32_t a2 = ntohl(addr2->addr.in_addr.s_addr); + if (mbits > 32) + mbits = 32; a1 >>= (32-mbits); a2 >>= (32-mbits); return (a1 < a2) ? -1 : (a1 == a2) ? 0 : 1; -- 2.47.3