Fix ASAN warning.

[tinc] / src / subnet_parse.c

diff --git a/src/subnet_parse.c b/src/subnet_parse.c
index 8616baa..312e310 100644 (file)
--- a/src/subnet_parse.c
+++ b/src/subnet_parse.c
@@ -1,6 +1,6 @@
 /*
     subnet_parse.c -- handle subnet parsing
-    Copyright (C) 2000-2012 Guus Sliepen <guus@tinc-vpn.org>,
+    Copyright (C) 2000-2021 Guus Sliepen <guus@tinc-vpn.org>,
                   2000-2005 Ivo Timmermans
 
     This program is free software; you can redistribute it and/or modify
@@ -186,9 +186,7 @@ static int subnet_compare_ipv6(const subnet_t *a, const subnet_t *b) {
 }
 
 int subnet_compare(const subnet_t *a, const subnet_t *b) {
-       int result;
-
-       result = a->type - b->type;
+       int result = (int)a->type - (int)b->type;
 
        if(result) {
                return result;
@@ -308,6 +306,11 @@ bool str2net(subnet_t *subnet, const char *subnetstr) {
 
        char *last_colon = strrchr(str, ':');
 
+       /* Check that the last colon is not further than possible in an IPv6 address */
+       if(last_colon && last_colon >= str + 5 * 8) {
+               return false;
+       }
+
        if(last_colon && sscanf(last_colon, ":%hu.%hu.%hu.%hu%n", &x[0], &x[1], &x[2], &x[3], &consumed) >= 4 && !last_colon[consumed]) {
                /* Dotted quad suffix notation, convert to standard IPv6 notation */
                for(int i = 0; i < 4; i++)