From 45ba20bcb09e03ca7a69d0d6107e6e4da5f04a60 Mon Sep 17 00:00:00 2001
From: Alexander Gozman <a.gozman@securitycode.ru>
Date: Mon, 23 Mar 2015 20:06:47 +0300
Subject: [PATCH] DetectAddressParseString(): fix IPv6 address handling

---
 src/detect-engine-address.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/detect-engine-address.c b/src/detect-engine-address.c
index 19b960a79b..31e6a7ab81 100644
--- a/src/detect-engine-address.c
+++ b/src/detect-engine-address.c
@@ -709,12 +709,16 @@ int DetectAddressParseString(DetectAddress *dd, char *str)
             ip[mask - ip] = '\0';
             mask++;
 
+            int cidr = atoi(mask);
+            if (cidr < 0 || cidr > 128)
+                    goto error;
+
             r = inet_pton(AF_INET6, ip, &in6);
             if (r <= 0)
                 goto error;
             memcpy(&ip6addr, &in6.s6_addr, sizeof(ip6addr));
 
-            DetectAddressParseIPv6CIDR(atoi(mask), &mask6);
+            DetectAddressParseIPv6CIDR(cidr, &mask6);
             memcpy(&netmask, &mask6.s6_addr, sizeof(netmask));
 
             dd->ip2.addr_data32[0] = dd->ip.addr_data32[0] = ip6addr[0] & netmask[0];