[1/3] Check octets more often in inet_network (bz 32575)

Message ID mlc5vovpvq3ikbeej3fszmpc42dxtr65uobqh7pridaoqqlnuj@b5vhbxgmrl2f (mailing list archive)
State Changes Requested
Delegated to: Adhemerval Zanella Netto
Series [1/3] Check octets more often in inet_network (bz 32575)

Checks

Context                                            Check    Description
redhat-pt-bot/TryBot-apply_patch                   success  Patch applied to master at the time it was sent
linaro-tcwg-bot/tcwg_glibc_build--master-aarch64   success  Build passed
linaro-tcwg-bot/tcwg_glibc_build--master-arm       success  Build passed
linaro-tcwg-bot/tcwg_glibc_check--master-aarch64   success  Test passed
linaro-tcwg-bot/tcwg_glibc_check--master-arm       success  Test passed

Commit Message

Tobias Stoeckmann Jan. 19, 2025, 3:02 p.m. UTC
  Make sure that numbers never overflow uint32_t to properly validate
octets encountered in IPv4 addresses.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
---
 inet/inet_net.c | 2 ++
 1 file changed, 2 insertions(+)

--
2.48.1
  

Comments

Adhemerval Zanella Netto Feb. 4, 2025, 2:26 p.m. UTC | #1
On 19/01/25 12:02, Tobias Stoeckmann wrote:
> Make sure that numbers never overflow uint32_t to properly validate
> octets encountered in IPv4 addresses.
> 
> Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

The patch looks good, although I think it should be squashed with the rest of
the series.

> ---
>  inet/inet_net.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/inet/inet_net.c b/inet/inet_net.c
> index 50b526705d..13a818176d 100644
> --- a/inet/inet_net.c
> +++ b/inet/inet_net.c
> @@ -69,6 +69,8 @@ again:
>  	if (*cp == 'x' || *cp == 'X')
>  		digit = 0, base = 16, cp++;
>  	while ((c = *cp) != 0) {
> +		if (val > 0xff)
> +			return (INADDR_NONE);
>  		if (isdigit(c)) {
>  			if (base == 8 && (c == '8' || c == '9'))
>  				return (INADDR_NONE);
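Review bot: The new `val > 0xff` test at the top of the `while ((c = *cp) != 0)` body only runs when another character follows, so a value pushed past 0xff by the last digit before the terminating NUL leaves the loop without passing through this check. Please confirm that the code after the loop (outside the visible context) still rejects that case, or place the test directly after the point where the digit is added to `val`, so an oversized octet is refused as soon as it appears.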
> --
> 2.48.1
>
  

Patch

diff --git a/inet/inet_net.c b/inet/inet_net.c
index 50b526705d..13a818176d 100644
--- a/inet/inet_net.c
+++ b/inet/inet_net.c
@@ -69,6 +69,8 @@  again:
 	if (*cp == 'x' || *cp == 'X')
 		digit = 0, base = 16, cp++;
 	while ((c = *cp) != 0) {
+		if (val > 0xff)
+			return (INADDR_NONE);
 		if (isdigit(c)) {
 			if (base == 8 && (c == '8' || c == '9'))
 				return (INADDR_NONE);
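Review bot: The two added lines at the top of the loop have no comment, and the link between the 0xff bound and the commit message's uint32_t overflow is not obvious from the code alone. A one-line comment above `if (val > 0xff)` saying that bounding `val` before each further digit keeps the running value from wrapping would make the intent clear. The diffstat shows only inet/inet_net.c changing, so unless another patch in the series adds one, a test with an overlong digit string for bz 32575 would be worth including.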