fix(tools): block 198.18.0.0/15 in SSRF guard

RFC 2544 benchmark addresses (198.18.0.0/15) are not globally routable
but were missing from the isPrivateOrRestrictedIP blocklist, allowing
SSRF bypasses via literal IPv4.

Fixes #3077
This commit is contained in:
Yue_chen
2026-06-09 19:00:28 +08:00
parent 46b29a0ae9
commit 2ecdb893d5
2 changed files with 8 additions and 2 deletions
+4 -2
@@ -2520,7 +2520,8 @@ func isObviousPrivateHost(host string, whitelist *privateHostWhitelist) bool {
// isPrivateOrRestrictedIP returns true for IPs that should never be reached via web_fetch:
// RFC 1918, loopback, link-local (incl. cloud metadata 169.254.x.x), carrier-grade NAT,
// IPv6 unique-local (fc00::/7), 6to4 (2002::/16), and Teredo (2001:0000::/32).
// benchmark (198.18.0.0/15), IPv6 unique-local (fc00::/7), 6to4 (2002::/16), and
// Teredo (2001:0000::/32).
func isPrivateOrRestrictedIP(ip net.IP) bool {
if ip == nil {
return true
@@ -2539,7 +2540,8 @@ func isPrivateOrRestrictedIP(ip net.IP) bool {
(ip4[0] == 172 && ip4[1] >= 16 && ip4[1] <= 31) ||
(ip4[0] == 192 && ip4[1] == 168) ||
(ip4[0] == 169 && ip4[1] == 254) ||
(ip4[0] == 100 && ip4[1] >= 64 && ip4[1] <= 127) {
(ip4[0] == 100 && ip4[1] >= 64 && ip4[1] <= 127) ||
(ip4[0] == 198 && ip4[1] >= 18 && ip4[1] <= 19) {
return true
}
return false
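Review bot: The IPv4 blocklist extended at the `ip4[0] == 198 && ip4[1] >= 18 && ip4[1] <= 19` line of the second hunk is now six hand-written octet comparisons with no RFC cited beside any of them, so the doc comment in the first hunk is the only record of what each range is and the two will drift apart on the next addition. A package-level table of `netip.Prefix` values checked with `Contains` (one `netip.MustParsePrefix("198.18.0.0/15"), // RFC 2544 benchmark` entry per range) would make each range self-documenting and turn future fixes like this one into a single added line. Separately, the comment enumerates RFC 1918, loopback, link-local, CGNAT, benchmark and the IPv6 ranges but not 0.0.0.0/8; if the part of isPrivateOrRestrictedIP before this hunk does not already reject `ip.IsUnspecified()`, a literal `0.0.0.0` passes this guard even though it reaches the local host on common platforms, and `if ip.IsUnspecified() { return true }` belongs next to the loopback check. The line where `ip4` is derived and the function's closing brace are outside the hunk, so I cannot confirm either from here.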