[New-bugs-announce] [issue36845] ipaddres.IPv4Network and ipaddress.IPv6Network tuple construction will accept out of valid range prefixlen
Nicolai Moore
report at bugs.python.org
Tue May 7 18:53:58 EDT 2019
New submission from Nicolai Moore <niconorsk at gmail.com>:
When using the tuple-form of constructing IPv4Network and IPv6Network will accept prefixlen outside of the normal allowed ranges.
Example:
>>> import ipaddress
>>> ipaddress.IPv4Network(('172.21.1.0', 400))
IPv4Network('172.21.1.0/400')
If given a negative number, it will error but not with a particularly useful error:
>>> x = ipaddress.IPv4Network(('172.21.1.0', -1))
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/lib64/python3.7/ipaddress.py", line 1532, in __init__
self.netmask, self._prefixlen = self._make_netmask(mask)
File "/usr/lib64/python3.7/ipaddress.py", line 1112, in _make_netmask
netmask = IPv4Address(cls._ip_int_from_prefix(prefixlen))
File "/usr/lib64/python3.7/ipaddress.py", line 444, in _ip_int_from_prefix
return cls._ALL_ONES ^ (cls._ALL_ONES >> prefixlen)
ValueError: negative shift count
Looking at the code, I think all that is needed is a range check within the respective _make_netmask methods in _BaseV4 and _BaseV6 classes
----------
components: Library (Lib)
messages: 341839
nosy: niconorsk
priority: normal
severity: normal
status: open
title: ipaddres.IPv4Network and ipaddress.IPv6Network tuple construction will accept out of valid range prefixlen
type: behavior
versions: Python 3.5, Python 3.6, Python 3.7, Python 3.8, Python 3.9
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue36845>
_______________________________________
More information about the New-bugs-announce
mailing list