check that IP is not CIDR

Signed-off-by: Elazar Gershuni <[email protected]>
np-guard · Mar 10, 2024 · b0e3b45 · b0e3b45
1 parent ee62854
commit b0e3b45
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 52 deletions.
diff --git a/pkg/ipblock/ipblock.go b/pkg/ipblock/ipblock.go
@@ -66,10 +66,9 @@ func (b *IPBlock) ContainedIn(c *IPBlock) bool {
 
 // Intersect returns a new IPBlock from intersection of this IPBlock with input IPBlock
 func (b *IPBlock) Intersect(c *IPBlock) *IPBlock {
-	res := &IPBlock{}
-	res.ipRange = *b.ipRange.Copy()
-	res.ipRange.Intersect(c.ipRange)
-	return res
+	return &IPBlock{
+		ipRange: *b.ipRange.Intersect(c.ipRange),
+	}
 }
 
 // Equal returns true if this IPBlock equals the input IPBlock
@@ -79,18 +78,16 @@ func (b *IPBlock) Equal(c *IPBlock) bool {
 
 // Subtract returns a new IPBlock from subtraction of input IPBlock from this IPBlock
 func (b *IPBlock) Subtract(c *IPBlock) *IPBlock {
-	res := &IPBlock{}
-	res.ipRange = *b.ipRange.Copy()
-	res.ipRange.Subtract(c.ipRange)
-	return res
+	return &IPBlock{
+		ipRange: *b.ipRange.Subtract(c.ipRange),
+	}
 }
 
 // Union returns a new IPBlock from union of input IPBlock with this IPBlock
 func (b *IPBlock) Union(c *IPBlock) *IPBlock {
-	res := &IPBlock{}
-	res.ipRange = *b.ipRange.Copy()
-	res.ipRange.Union(c.ipRange)
-	return res
+	return &IPBlock{
+		ipRange: *b.ipRange.Union(c.ipRange),
+	}
 }
 
 // Empty returns true if this IPBlock is empty
@@ -148,12 +145,11 @@ func DisjointIPBlocks(set1, set2 []*IPBlock) []*IPBlock {
 		return ipbList[i].ipCount() < ipbList[j].ipCount()
 	})
 	// making sure the resulting list does not contain overlapping ipBlocks
-	blocksWithNoOverlaps := []*IPBlock{}
+	res := []*IPBlock{}
 	for _, ipb := range ipbList {
-		blocksWithNoOverlaps = addIntervalToList(ipb, blocksWithNoOverlaps)
+		res = addIntervalToList(ipb, res)
 	}
 
-	res := blocksWithNoOverlaps
 	if len(res) == 0 {
 		newAll := GetCidrAll()
 		res = append(res, newAll)
@@ -168,12 +164,11 @@ func addIntervalToList(ipbNew *IPBlock, ipbList []*IPBlock) []*IPBlock {
 		if !ipb.ipRange.Overlaps(&ipbNew.ipRange) {
 			continue
 		}
-		intersection := ipb.Copy()
-		intersection.ipRange.Intersect(ipbNew.ipRange)
-		ipbNew.ipRange.Subtract(intersection.ipRange)
-		if !ipb.ipRange.Equal(intersection.ipRange) {
+		intersection := ipb.Intersect(ipbNew)
+		ipbNew = ipbNew.Subtract(intersection)
+		if !ipb.Equal(intersection) {
 			toAdd = append(toAdd, intersection)
-			ipbList[idx].ipRange.Subtract(intersection.ipRange)
+			ipbList[idx] = ipbList[idx].Subtract(intersection)
 		}
 		if ipbNew.ipRange.IsEmpty() {
 			break
@@ -186,7 +181,13 @@ func addIntervalToList(ipbNew *IPBlock, ipbList []*IPBlock) []*IPBlock {
 
 // NewIPBlockFromCidr returns a new IPBlock object from input CIDR string
 func NewIPBlockFromCidr(cidr string) (*IPBlock, error) {
-	return NewIPBlock(cidr, []string{})
+	span, err := cidrToInterval(cidr)
+	if err != nil {
+		return nil, err
+	}
+	return &IPBlock{
+		ipRange: *interval.CreateSetFromInterval(span.Start, span.End),
+	}, nil
 }
 
 // PairCIDRsToIPBlocks returns two IPBlock objects from two input CIDR strings
@@ -209,42 +210,31 @@ func NewIPBlockFromCidrOrAddress(s string) (*IPBlock, error) {
 
 // NewIPBlockFromCidrList returns IPBlock object from multiple CIDRs given as list of strings
 func NewIPBlockFromCidrList(cidrsList []string) (*IPBlock, error) {
-	res := &IPBlock{ipRange: interval.CanonicalSet{}}
+	ipRange := interval.NewCanonicalIntervalSet()
 	for _, cidr := range cidrsList {
 		block, err := NewIPBlockFromCidr(cidr)
 		if err != nil {
 			return nil, err
 		}
-		res = res.Union(block)
+		ipRange = ipRange.Union(block.ipRange)
 	}
-	return res, nil
+	return &IPBlock{ipRange: *ipRange}, nil
 }
 
-// NewIPBlock returns an IPBlock object from input cidr str an exceptions cidr str
-func NewIPBlock(cidr string, exceptions []string) (*IPBlock, error) {
-	res := IPBlock{ipRange: interval.CanonicalSet{}}
-	span, err := cidrToInterval(cidr)
-	if err != nil {
-		return nil, err
+func ipv4AddressToCidr(ipAddress string) (string, error) {
+	if strings.Contains(ipAddress, "/") {
+		return "", fmt.Errorf("%v is not an IP address", ipAddress)
 	}
-	res.ipRange.AddInterval(*span)
-	for i := range exceptions {
-		intervalHole, err := cidrToInterval(exceptions[i])
-		if err != nil {
-			return nil, err
-		}
-		res.ipRange.AddHole(*intervalHole)
-	}
-	return &res, nil
-}
-
-func ipv4AddressToCidr(ipAddress string) string {
-	return ipAddress + "/32"
+	return ipAddress + "/32", nil
 }
 
 // NewIPBlockFromIPAddress returns an IPBlock object from input IP address string
 func NewIPBlockFromIPAddress(ipAddress string) (*IPBlock, error) {
-	return NewIPBlock(ipv4AddressToCidr(ipAddress), []string{})
+	cidr, err := ipv4AddressToCidr(ipAddress)
+	if err != nil {
+		return nil, err
+	}
+	return NewIPBlockFromCidr(cidr)
 }
 
 func cidrToIPRange(cidr string) (start, end int64, err error) {

diff --git a/pkg/ipblock/ipblock_test.go b/pkg/ipblock/ipblock_test.go
@@ -23,10 +23,6 @@ func TestOps(t *testing.T) {
 	minus := ipb1.Subtract(ipb2)
 	require.Equal(t, "1.2.3.0-1.2.3.3, 1.2.3.5-1.2.3.255", minus.ToIPRanges())
 
-	minus2, err := ipblock.NewIPBlock(ipb1.ToCidrListString(), []string{ipb2.ToCidrListString()})
-	require.Nil(t, err)
-	require.Equal(t, minus.ToCidrListString(), minus2.ToCidrListString())
-
 	intersect := ipb1.Intersect(ipb2)
 	require.Equal(t, intersect, ipb2)
 
@@ -109,10 +105,7 @@ func TestPrefixLength(t *testing.T) {
 }
 
 func TestBadPath(t *testing.T) {
-	_, err := ipblock.NewIPBlock("not-a-cidr", nil)
-	require.NotNil(t, err)
-
-	_, err = ipblock.NewIPBlock("2.5.7.9/24", []string{"5.6.7.8/20", "not-a-cidr"})
+	_, err := ipblock.NewIPBlockFromCidr("not-a-cidr")
 	require.NotNil(t, err)
 
 	_, err = ipblock.NewIPBlockFromCidrList([]string{"1.2.3.4/20", "not-a-cidr"})