From 7ebfa36e64193ab79ce74232daf6ed25376082d5 Mon Sep 17 00:00:00 2001
From: Luca Guerra <luca@guerra.sh>
Date: Mon, 5 Aug 2024 15:20:12 +0000
Subject: [PATCH] fix(libsinsp): check ipvXnet size before comparing

Signed-off-by: Luca Guerra <luca@guerra.sh>
---
 userspace/libsinsp/sinsp_filtercheck_fd.cpp | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/userspace/libsinsp/sinsp_filtercheck_fd.cpp b/userspace/libsinsp/sinsp_filtercheck_fd.cpp
index e3e61cfd79..51706a8d54 100644
--- a/userspace/libsinsp/sinsp_filtercheck_fd.cpp
+++ b/userspace/libsinsp/sinsp_filtercheck_fd.cpp
@@ -1501,17 +1501,33 @@ bool sinsp_filter_check_fd::compare_net(sinsp_evt *evt)
 	switch (m_fdinfo->m_type)
 	{
 	case SCAP_FD_IPV4_SERVSOCK:
+		if (filter_value_len() != sizeof(ipv4net))
+		{
+			return m_cmpop == CO_NE;
+		}
 		return flt_compare_ipv4net(m_cmpop, m_fdinfo->m_sockinfo.m_ipv4serverinfo.m_ip, (ipv4net*)filter_value_p());
 
 	case SCAP_FD_IPV6_SERVSOCK:
+		if (filter_value_len() != sizeof(ipv6net))
+		{
+			return m_cmpop == CO_NE;
+		}
 		return flt_compare_ipv6net(m_cmpop, &m_fdinfo->m_sockinfo.m_ipv6serverinfo.m_ip, (ipv6net*)filter_value_p());
 
 	case SCAP_FD_IPV4_SOCK:
+		if (filter_value_len() != sizeof(ipv4net))
+		{
+			return m_cmpop == CO_NE;
+		}
 		sip_cmp = flt_compare_ipv4net(m_cmpop, m_fdinfo->m_sockinfo.m_ipv4info.m_fields.m_sip, (ipv4net*)filter_value_p());
 		dip_cmp = flt_compare_ipv4net(m_cmpop, m_fdinfo->m_sockinfo.m_ipv4info.m_fields.m_dip, (ipv4net*)filter_value_p());
 		break;
 
 	case SCAP_FD_IPV6_SOCK:
+		if (filter_value_len() != sizeof(ipv6net))
+		{
+			return m_cmpop == CO_NE;
+		}
 		sip_cmp = flt_compare_ipv6net(m_cmpop, &m_fdinfo->m_sockinfo.m_ipv6info.m_fields.m_sip, (ipv6net*)filter_value_p());
 		dip_cmp = flt_compare_ipv6net(m_cmpop, &m_fdinfo->m_sockinfo.m_ipv6info.m_fields.m_dip, (ipv6net*)filter_value_p());
 		break;