Project

General

Profile

Actions

Bug #3667

closed

Signature with an IP range creates one IPOnlyCIDRItem by IP address

Added by Jeff Lucovsky over 4 years ago. Updated over 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

Found by fuzzing https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21817

For example, when we want the range 41.232.107.2-43.252.37.6, it creates millions of IPOnlyCIDRItem because it gives them all a netmask of 32

Solution is to extend the net mask so that it uses

41.232.107.3/32
41.232.107.4/30
41.232.107.8/29
41.232.107.16/28
41.232.107.32/27
41.232.107.64/26
41.232.107.128/25
41.232.108.0/22
41.232.112.0/20
41.232.128.0/17
41.233.0.0/16
41.234.0.0/15
41.236.0.0/14
41.240.0.0/12
42.0.0.0/8
43.0.0.0/9
43.128.0.0/10
43.192.0.0/11
43.224.0.0/12
43.240.0.0/13
43.248.0.0/14
43.252.0.0/19
43.252.32.0/22
43.252.36.0/24
43.252.37.0/30
43.252.37.4/31
43.252.37.6/32


Related issues 1 (0 open1 closed)

Copied from Suricata - Bug #3662: Signature with an IP range creates one IPOnlyCIDRItem by IP addressClosedPhilippe AntoineActions
Actions #1

Updated by Jeff Lucovsky over 4 years ago

  • Copied from Bug #3662: Signature with an IP range creates one IPOnlyCIDRItem by IP address added
Actions #2

Updated by Jeff Lucovsky over 4 years ago

  • Target version set to 5.0.3
Actions #3

Updated by Jeff Lucovsky over 4 years ago

  • Status changed from Assigned to In Review
Actions #4

Updated by Victor Julien over 4 years ago

  • Status changed from In Review to Closed
  • Affected Versions 5.0.2 added
  • Affected Versions deleted (5.0.3)
Actions #5

Updated by Jeff Lucovsky over 4 years ago

  • Subject changed from Signature with an IP range creates one IPOnlyCIDRItem by signe IP address to Signature with an IP range creates one IPOnlyCIDRItem by IP address
Actions

Also available in: Atom PDF