Re: PATCH: Disallow a netmask of zero unless the IP is also all zeroes
Andreas Karlsson <andreas@proxel.se>
From: Andreas Karlsson <andreas@proxel.se>
To: Tom Lane <tgl@sss.pgh.pa.us>, Greg Sabino Mullane <htamfids@gmail.com>
Cc: pgsql-hackers <pgsql-hackers@postgresql.org>
Date: 2025-02-14T11:41:19Z
Lists: pgsql-hackers
On 2/11/25 9:25 PM, Tom Lane wrote: > Greg Sabino Mullane <htamfids@gmail.com> writes: >> I say "of course" but few people (even tech ones) know the distinction. >> (Nor should they have to! But that's for a nearby thread). This patch aims >> to prevent this very bad footgun by only allowing a /0 if the IP consists >> of only zeroes. It works for ipv4 and ipv6. > > More generally, should we reject if the netmask causes *any* nonzero > IP bits to be ignored? Our CIDR type already imposes that rule: +1 From me too. I think we should fix the general issue rather than special casing /0. Andreas