Validate netmask in traffic_selector_create_from_subnet
authorTobias Brunner <tobias@strongswan.org>
Mon, 13 Aug 2012 10:57:41 +0000 (12:57 +0200)
committerTobias Brunner <tobias@strongswan.org>
Mon, 13 Aug 2012 11:46:19 +0000 (13:46 +0200)
Fixes #216.

src/libstrongswan/selectors/traffic_selector.c

index bc814ea..38d4b2d 100644 (file)
@@ -757,6 +757,7 @@ traffic_selector_t *traffic_selector_create_from_subnet(host_t *net,
        }
        from = net->get_address(net);
        memcpy(this->from, from.ptr, from.len);
+       netbits = min(netbits, this->type == TS_IPV4_ADDR_RANGE ? 32 : 128);
        calc_range(this, netbits);
        if (port)
        {