fix(tools): block 198.18.0.0/15 in SSRF guard

RFC 2544 benchmark addresses (198.18.0.0/15) are not globally routable but were missing from the isPrivateOrRestrictedIP blocklist, allowing SSRF bypasses via literal IPv4. Fixes #3077
2026-06-12 18:08:54 +00:00 · 2026-06-09 19:00:28 +08:00
parent 46b29a0ae9
commit 2ecdb893d5
2 changed files with 8 additions and 2 deletions
@@ -2520,7 +2520,8 @@ func isObviousPrivateHost(host string, whitelist *privateHostWhitelist) bool {

 // isPrivateOrRestrictedIP returns true for IPs that should never be reached via web_fetch:
 // RFC 1918, loopback, link-local (incl. cloud metadata 169.254.x.x), carrier-grade NAT,
-// IPv6 unique-local (fc00::/7), 6to4 (2002::/16), and Teredo (2001:0000::/32).
+// benchmark (198.18.0.0/15), IPv6 unique-local (fc00::/7), 6to4 (2002::/16), and
+// Teredo (2001:0000::/32).
 func isPrivateOrRestrictedIP(ip net.IP) bool {
 	if ip == nil {
 		return true
@@ -2539,7 +2540,8 @@ func isPrivateOrRestrictedIP(ip net.IP) bool {
 			(ip4[0] == 172 && ip4[1] >= 16 && ip4[1] <= 31) ||
 			(ip4[0] == 192 && ip4[1] == 168) ||
 			(ip4[0] == 169 && ip4[1] == 254) ||
-			(ip4[0] == 100 && ip4[1] >= 64 && ip4[1] <= 127) {
+			(ip4[0] == 100 && ip4[1] >= 64 && ip4[1] <= 127) ||
+			(ip4[0] == 198 && ip4[1] >= 18 && ip4[1] <= 19) {
 			return true
 		}
 		return false
@@ -966,6 +966,10 @@ func TestIsPrivateOrRestrictedIP_Table(t *testing.T) {
 		{"192.168.1.1", true, "IPv4 private class C"},
 		{"169.254.169.254", true, "link-local / cloud metadata"},
 		{"100.64.0.1", true, "carrier-grade NAT"},
+		{"198.18.0.1", true, "RFC 2544 benchmark"},
+		{"198.19.255.1", true, "RFC 2544 benchmark end"},
+		{"198.17.0.1", false, "just before 198.18.0.0/15"},
+		{"198.20.0.1", false, "just after 198.19.255.255"},
 		{"0.0.0.0", true, "unspecified"},
 		{"8.8.8.8", false, "public DNS"},
 		{"1.1.1.1", false, "public DNS"},