===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/addr.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- src/usr.bin/ssh/addr.c	2021/10/22 10:51:57	1.4
+++ src/usr.bin/ssh/addr.c	2022/04/29 04:55:07	1.5
@@ -1,4 +1,4 @@
-/* $OpenBSD: addr.c,v 1.4 2021/10/22 10:51:57 dtucker Exp $ */
+/* $OpenBSD: addr.c,v 1.5 2022/04/29 04:55:07 djm Exp $ */
 
 /*
  * Copyright (c) 2004-2008 Damien Miller <djm@mindrot.org>
@@ -393,7 +393,7 @@
 		*mp = '\0';
 		mp++;
 		masklen = strtoul(mp, &cp, 10);
-		if (*mp == '\0' || *cp != '\0' || masklen > 128)
+		if (*mp < '0' || *mp > '9' || *cp != '\0' || masklen > 128)
 			return -1;
 	}