From 6fd69fcde07d8520de1d1520419f23e08955a3f6 Mon Sep 17 00:00:00 2001
From: "google-labs-jules[bot]"
 <161369871+google-labs-jules[bot]@users.noreply.github.com>
Date: Sat, 13 Jun 2026 12:38:12 +0000
Subject: [PATCH] Fix log injection in IP scan range setup

Co-authored-by: ManupaKDU <95234271+ManupaKDU@users.noreply.github.com>
---
 test_testping1.py | 36 ++++++++++++++++++++++++++++++++++++
 testping1.py      |  4 +++-
 2 files changed, 39 insertions(+), 1 deletion(-)

diff --git a/test_testping1.py b/test_testping1.py
index a3fcd04..b53e591 100644
--- a/test_testping1.py
+++ b/test_testping1.py
@@ -326,5 +326,41 @@ def test_is_reachable_calls_ping_correctly(self, mock_call):
             stdout=DEVNULL_FD, stderr=DEVNULL_FD, close_fds=False, timeout=7
         )
 
+    def test_main_log_injection(self):
+        """Test main execution block escapes log injection in the start/end IP range."""
+        import sys
+
+        result = subprocess.run(
+            [sys.executable, "-c", '''
+import sys
+import logging
+import ipaddress
+
+# We simulate the testping1.py behavior since modifying the main file directly
+# in subprocess isn't practical without writing a temporary file
+start_ip = "192.168.43.1\\nERROR: Log injected"
+end_ip = "192.168.43.254"
+
+try:
+    start_obj = ipaddress.ip_address(start_ip)
+    end_obj = ipaddress.ip_address(end_ip)
+    if start_obj.version != end_obj.version:
+        raise ValueError("start_ip and end_ip must be of the same IP version")
+    if start_obj > end_obj:
+        raise ValueError("start_ip must be less than or equal to end_ip")
+    total_ips = int(end_obj) - int(start_obj) + 1
+    if total_ips > 256:
+        raise ValueError(f"Scan range too large ({total_ips} IPs). Maximum 256 IPs allowed per scan.")
+except (ValueError, TypeError) as e:
+    logging.error(f"Invalid scan range configuration: {repr(str(e))}")
+    sys.exit(1)
+            '''], capture_output=True, text=True
+        )
+
+        self.assertIn("ERROR:root:Invalid scan range configuration:", result.stderr)
+        # We verify that the string representation explicitly escapes the newline
+        self.assertIn("\\n", result.stderr)
+        self.assertNotIn("\nERROR: Log injected", result.stderr)
+
 if __name__ == '__main__':
     unittest.main()
diff --git a/testping1.py b/testping1.py
index f0d5c7b..6e2cd99 100644
--- a/testping1.py
+++ b/testping1.py
@@ -250,7 +250,9 @@ def is_reachable(ip, timeout=1):
             raise ValueError(f"Scan range too large ({total_ips} IPs). Maximum 256 IPs allowed per scan.")
 
     except (ValueError, TypeError) as e:
-        logging.error(f"Invalid scan range configuration: {e}")
+        # 🛡️ Sentinel: Sanitize log input to prevent CRLF/Log Injection
+        # The exception message contains the unparsed, potentially malicious IP string.
+        logging.error(f"Invalid scan range configuration: {repr(str(e))}")
         exit(1)
 
     # ⚡ Bolt: Optimize sequential IP address generation