mirror of https://github.com/nmap/nmap.git synced 2025-12-24 00:19:01 +00:00

Return the last host before skipping an octet in an IPv4 range exclude
group. Not doing this was the cause of off-by-one errors that led to
assertion failures and, potentially, excluded hosts being scanned. Here
is the comment I added:

  /* The decision to skip a range was based on the address that came immediately
     before what our current array contains now. For example, if we have just
     handed out 0.0.0.0 from the range 0-5.0.0.0, and we're asked to skip
     the first octet, we want to advance to 1.0.0.0. But 1.0.0.0 is what is in
     the current array right now, because TargetGroup::get_next_host advances
     the array after returning an address. If we didn't step back we would
     erroneously skip ahead to 2.0.0.0. */
david
2009-11-18 01:17:59 +00:00
parent 714dd18f7f
commit a4fc71afb6
2 changed files with 19 additions and 3 deletions
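
A simplified model of the off-by-one described in the commit message above, added here as an illustration and not taken from nmap's source: `RangeModel`, `next_after_skip` and the `step_back` flag are hypothetical names, and each octet is assumed to run from 0 to `last[i]`. It goes slightly beyond the 0-5.0.0.0 case to show that the error appears only when the advance made by `get_next_host` has already carried into the octet being skipped.

```cpp
#include <array>
#include <string>

// Simplified model, not nmap's TargetGroup: octet i takes the values 0..last[i].
struct RangeModel {
    std::array<int, 4> last;
    std::array<int, 4> current{{0, 0, 0, 0}};
    explicit RangeModel(std::array<int, 4> l) : last(l) {}
    std::string format() const {
        return std::to_string(current[0]) + "." + std::to_string(current[1]) + "." +
               std::to_string(current[2]) + "." + std::to_string(current[3]);
    }

    // Hands out `current`, then advances it like an odometer (last octet fastest).
    std::string get_next_host() {
        std::string addr = format();
        for (int i = 3; i >= 0; i--) {
            if (current[i] < last[i]) { current[i]++; break; }
            current[i] = 0;
        }
        return addr;
    }

    // Undoes the advance made by get_next_host.
    void return_last_host() {
        for (int i = 3; i >= 0; i--) {
            if (current[i] > 0) { current[i]--; break; }
            current[i] = last[i];
        }
    }

    // Moves to the next value of octet `oct` and zeroes the octets below it.
    void skip_range(int oct, bool step_back) {
        if (step_back) return_last_host();  // the fix described in the commit
        for (int i = oct; i >= 0; i--) {
            if (current[i] < last[i]) { current[i]++; break; }
            current[i] = 0;
        }
        for (int i = oct + 1; i <= 3; i++) current[i] = 0;
    }
};

// Hands out `handed_out` hosts, skips the first octet, returns the next address.
std::string next_after_skip(std::array<int, 4> last, int handed_out, bool step_back) {
    RangeModel m(last);
    for (int n = 0; n < handed_out; n++) m.get_next_host();
    m.skip_range(0, step_back);
    return m.get_next_host();
}
```

With `last = {5, 0, 0, 3}`, skipping after the first host lands on 1.0.0.0 either way, while skipping after 0.0.0.3 lands on 2.0.0.0 unless the step back is applied.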

@@ -351,6 +351,15 @@ int TargetGroup::skip_range(_octet_nums octet) {
if (targets_type != IPV4_RANGES)
return -1;
/* The decision to skip a range was based on the address that came immediately
before what our current array contains now. For example, if we have just
handed out 0.0.0.0 from the the range 0-5.0.0.0, and we're asked to skip
the first octet, we want to advance to 1.0.0.0. But 1.0.0.0 is what is in
the current array right now, because TargetGroup::get_next_host advances
the array after returning an address. If we didn't step back we would
erroneously skip ahead to 2.0.0.0. */
return_last_host();
switch (octet) {
case FIRST_OCTET:
oct = 0;
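Review bot: the precondition for the `return_last_host()` call just above `switch (octet)` is stated only in the new comment and is not enforced. The step back is correct only when `skip_range` is called directly after `get_next_host` has handed out an address; a second `skip_range` call in a row, or a call before the first host is returned, would step back from a position that was never advanced. Suggest documenting this in the function's header comment or asserting it. Because the call also runs before `octet` is examined, any path in the switch that rejects `octet` would return with the state already stepped back, so consider moving the call after that validation. Minor: the comment reads "from the the range", with a doubled word.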
@@ -386,9 +395,7 @@ int TargetGroup::skip_range(_octet_nums octet) {
current[i] = 0;
}
/* we actually don't skip the current, it was accounted for
* by get_next_host */
ipsleft -= hosts_skipped - 1;
ipsleft -= hosts_skipped;
return hosts_skipped;
}
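Review bot: `ipsleft -= hosts_skipped;` is only correct if the `return_last_host()` call added at the top of the function puts the returned host back into `ipsleft`, and with the old "we actually don't skip the current" comment removed nothing at this line records that dependency. Suggest a one-line comment here saying that the current host is now accounted for by the step back, plus a regression test that skips the first octet of an exclude range such as 0-5.0.0.0, since the commit message ties this count to assertion failures and to excluded hosts being scanned.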