auth: If allow_nets has an invalid value, don't attempt to compare it…

… anymore. This fixes a potential crash because net_is_in_network() was called with garbage net_ip.
dovecot · Jan 4, 2016 · f53a1b9 · f53a1b9
1 parent 7375e38
commit f53a1b9
Showing 1 changed file with 2 additions and 4 deletions.
diff --git a/src/auth/auth-request.c b/src/auth/auth-request.c
@@ -1343,10 +1343,8 @@ auth_request_validate_networks(struct auth_request *request,
 		if (net_parse_range(*net, &net_ip, &bits) < 0) {
 			auth_request_log_info(request, AUTH_SUBSYS_DB,
 				"%s: Invalid network '%s'", name, *net);
-		}
-
-		if (remote_ip->family != 0 &&
-		    net_is_in_network(remote_ip, &net_ip, bits)) {
+		} else if (remote_ip->family != 0 &&
+			   net_is_in_network(remote_ip, &net_ip, bits)) {
 			found = TRUE;
 			break;
 		}