block_on_subnets broken?

Mikhail Zabaluev mhz at altlinux.org
Sun Oct 8 20:07:30 CEST 2006 

Hello,

I have installed bogofilter 1.1.1 and started to build a wordlist from
scratch. I have block_on_subnets enabled in the settings.
However, instead of a series of ip: prefixed address tokens I got this
in my list:

ip127.0.0.1 3 1 20061008
ip202.108.37.61 1 0 20061008
ip202.144.95.245 0 1 20061008
ip219.146.46.63 1 0 20061008
ip221.212.74.229 1 0 20061008
ip84.10.23.247 1 0 20061008
ipip20201414959545 0 1 20061008
ipip22222121747429 1 0 20061008
ipipip.1.1232347 1 0 20061008
ipipipi.0.0.1 3 1 20061008
ipipipi.1.1.3.361 1 0 20061008
ipipipi.1.1.4.463 1 0 20061008
ipipipip.1.1232347 1 0 20061008
ipipipipi.0.0.1 3 1 20061008
ipipipipi.1.1.3.361 1 0 20061008
ipipipipi.1.1.4.463 1 0 20061008
ipipipipip.1.1232347 1 0 20061008
ipipipipipi.0.0.1 3 1 20061008
ipipipipipi.1.1.3.361 1 0 20061008
ipipipipipi.1.1.4.463 1 0 20061008
ipipipipipip.1.1232347 1 0 20061008
ipipipipipipi.0.0.1 3 1 20061008
ipipipipipipi.1.1.3.361 1 0 20061008
ipipipipipipi.1.1.4.463 1 0 20061008
ipipipipipipip.1.1232347 1 0 20061008
ipipipipipipipi.0.0.1 3 1 20061008
ipipipipipipipi.1.1.3.361 1 0 20061008
ipipipipipipipi.1.1.4.463 1 0 20061008
ipipipipipipipip.1.1232347 1 0 20061008
ipipipipipipipipi.0.0.1 3 1 20061008
ipipipipipipipipi.1.1.3.361 1 0 20061008
ipipipipipipipipi.1.1.4.463 1 0 20061008
ipipipipipipipipip.1.1232347 1 0 20061008
ipipipipipipipipipi.0.0.1 3 1 20061008
ipipipipipipipipipi.1.1.3.361 1 0 20061008
ipipipipipipipipipi.1.1.4.463 1 0 20061008
ipipipipipipipipipipi.0.0.1 3 1 20061008
ipipipipipipipipipipi.1.1.3 1 0 20061008
ipipipipipipipipipipi.1.1.4 1 0 20061008
ipipipipipipipipipipi1.1.32 1 0 20061008
ipipipipipipipipipipipi.0.0.1 3 1 20061008
ipipipipipipipipipipipi.1.1.3 1 0 20061008
ipipipipipipipipipipipi.1.1.4 1 0 20061008
ipipipipipipipipipipipi1.1.32 1 0 20061008
ipipipipipipipipipipipipi.0 3 1 20061008
ipipipipipipipipipipipipi.1 2 0 20061008
ipipipipipipipipipipipipi1. 1 0 20061008
ipipipipipipipipipipipipipi 3 1 20061008
ipipipipipipipipipipipipipi.0 3 1 20061008
ipipipipipipipipipipipipipi.1 2 0 20061008
ipipipipipipipipipipipipipi1. 1 0 20061008

Looks like something got wrong.
The code that parses IP addresses looks a bit dodgy too:

		if (sscanf((const char *)text, "%d.%d.%d.%d", &q1, &q2, &q3, &q4) == 4)
		    /* safe because result string guaranteed to be shorter */
		    sprintf((char *)text, "%d.%d.%d.%d",
			    q1 & 0xff, q2 & 0xff, q3 & 0xff, q4 & 0xff);

I hope the numbers cannot be negative at this point, otherwise a crafted
token could overflow the buffer. It's safer to use "%u.%u.%u.%u" and
unsigned integers there.

More information about the Bogofilter mailing list