From 4bc7bb3bce3715607ee2dd664bfdb0c22f6a309a Mon Sep 17 00:00:00 2001
From: AH-dark <ahdark0428@gmail.com>
Date: Thu, 4 Apr 2024 01:15:21 +0800
Subject: [PATCH] fix: do not allow ping for loopback ip

---
 .../network-functions-handler/src/handlers.rs  | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/rust-components/network-functions-handler/src/handlers.rs b/rust-components/network-functions-handler/src/handlers.rs
index f692a2c..f903ecd 100644
--- a/rust-components/network-functions-handler/src/handlers.rs
+++ b/rust-components/network-functions-handler/src/handlers.rs
@@ -141,6 +141,22 @@ pub(crate) async fn ping_handler(
         message,
         "Failed to parse target: {}"
     );
+    
+    // do not ping loopback address
+    if target_ip.is_loopback() {
+        let err = anyhow::anyhow!("Target is loopback address");
+        send_error_message!(bot, message, "Target is loopback address");
+        cx.span().record_error(err.as_ref());
+        return Err(err);
+    }
+    
+    // do not ping unspecified address
+    if target_ip.is_unspecified() {
+        let err = anyhow::anyhow!("Target is unspecified address");
+        send_error_message!(bot, message, "Target is unspecified address");
+        cx.span().record_error(err.as_ref());
+        return Err(err);
+    }
 
     let (pinger, results) = match_error!(
         Pinger::new(None, Some(56)),
@@ -152,7 +168,7 @@ pub(crate) async fn ping_handler(
     pinger.add_ipaddr(target_ip.to_string().as_str());
     pinger.ping_once();
 
-    match results.recv_timeout(Duration::from_secs(10)) {
+    match results.recv_timeout(Duration::from_secs(5)) {
         Ok(result) => match result {
             Idle { addr } => {
                 let err = format!("Failed to ping target: {}", addr);