Forget not the other PR from someone else of a similar nature that could
be related... not sure if it is marked as closed or what.
On 29 Oct 1997, Dean Gaudet wrote:
> The following reply was made to PR mod_access/1328; it has been noted by
> GNATS.
>
> From: Dean Gaudet <[EMAIL PROTECTED]>
> To: Christophe Tronche <[EMAIL PROTECTED]>
> Cc: [EMAIL PROTECTED]
> Subject: Re: mod_access/1328: Bytes are checked in wrong order for T_IP
> allowdeny_type, resulting in <Location> not working for IP mask
> Date: Tue, 28 Oct 1997 18:39:50 -0800 (PST)
>
> Give this patch a try please.
>
> Dean
>
> Index: modules/standard/mod_access.c
> ===================================================================
> RCS file: /export/home/cvs/apachen/src/modules/standard/mod_access.c,v
> retrieving revision 1.27
> diff -u -r1.27 mod_access.c
> --- mod_access.c 1997/10/22 20:30:11 1.27
> +++ mod_access.c 1997/10/29 02:34:44
> @@ -204,12 +204,14 @@
> /* legacy syntax for ip addrs: a.b.c. ==> a.b.c.0/24 for example */
> int shift;
> char *t;
> + int octet;
>
> a->type = T_IP;
> /* parse components */
> s = where;
> a->x.ip.net = 0;
> - shift = 0;
> + a->x.ip.mask = 0;
> + shift = 24;
> while (*s) {
> t = s;
> if (!isdigit(*t)) {
> @@ -226,11 +228,21 @@
> a->type = T_FAIL;
> return "invalid ip address";
> }
> - a->x.ip.net |= atoi(s) << shift;
> + if (shift < 0) {
> + return "invalid ip address, only 4 octets allowed";
> + }
> + octet = atoi(s);
> + if (octet < 0 || octet > 255) {
> + a->type = T_FAIL;
> + return "each octet must be between 0 and 255 inclusive";
> + }
> + a->x.ip.net |= octet << shift;
> a->x.ip.mask |= 0xFFUL << shift;
> - shift += 8;
> s = t;
> + shift -= 8;
> }
> + a->x.ip.net = ntohl(a->x.ip.net);
> + a->x.ip.mask = ntohl(a->x.ip.mask);
> }
> else {
> a->type = T_HOST;
>
>
