mirrors/musl
0
0
Fork 0
mirror of git://git.musl-libc.org/musl synced 2024-11-27 12:04:14 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix internal buffer overrun in inet_pton

Browse Source 
one stop condition for parsing abbreviated ipv6 addressed was missed,
allowing the internal ip[] buffer to overflow. this patch adds the
missing stop condition and masks the array index so that, in case
there are any remaining stop conditions missing, overflowing the
buffer is not possible.

(cherry picked from commit fc13acc3dc)
This commit is contained in:
Rich Felker 2015-03-23 09:44:18 -04:00
parent ee6f8114df
commit f0a5b139ef
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/network/inet_pton.c
View File

@ -39,14 +39,15 @@ int inet_pton(int af, const char *restrict s, void *restrict a0)
for (i=0; ; i++) {
if (s[0]==':' && brk<0) {
brk=i;
ip[i]=0;
ip[i&7]=0;
if (!*++s) break;
if (i==7) return 0;
continue;
}
for (v=j=0; j<4 && (d=hexval(s[j]))>=0; j++)
v=16*v+d;
if (j==0) return 0;
ip[i] = v;
ip[i&7] = v;
if (!s[j] && (brk>=0 || i==7)) break;
if (i==7) return 0;
if (s[j]!=':') {