net: prevent /32 ipv4 mask from matching all ips

Fixes: #43360

Author: supriyo-biswas

src/node_sockaddr.cc

@@ -215,6 +215,9 @@ bool in_network_ipv4(
     const SocketAddress& ip,
     const SocketAddress& net,
     int prefix) {
+  if (prefix == 32)
+    return compare_ipv4(ip, net) == SocketAddress::CompareResult::SAME;
+
   uint32_t mask = ((1 << prefix) - 1) << (32 - prefix);
 
   const sockaddr_in* ip_in =

test/parallel/test-blocklist.js

@@ -272,3 +272,13 @@ const util = require('util');
   const ret = util.inspect(blockList, { depth: null });
   assert(ret.includes('rules: []'));
 }
+
+{
+  // Test for https://github.com/nodejs/node/issues/43360
+  const blocklist = new BlockList();
+  blocklist.addSubnet('1.1.1.1', 32, 'ipv4');
+
+  assert(blocklist.check('1.1.1.1'));
+  assert(!blocklist.check('1.1.1.2'));
+  assert(!blocklist.check('2.3.4.5'));
+}