diff options
author | Szabolcs Nagy <nsz@port70.net> | 2013-10-22 12:28:17 +0000 |
---|---|---|
committer | Szabolcs Nagy <nsz@port70.net> | 2013-10-22 12:28:17 +0000 |
commit | 51c4e451db10317616e557a7aa7922bababa77d5 (patch) | |
tree | 4af96779ba2fe11555849fd60a336141e7c96e35 /src/network | |
parent | 59b8dc08f712f156dd54e0aba50e4e647524ec8c (diff) | |
download | musl-51c4e451db10317616e557a7aa7922bababa77d5.tar.gz musl-51c4e451db10317616e557a7aa7922bababa77d5.tar.bz2 musl-51c4e451db10317616e557a7aa7922bababa77d5.tar.xz musl-51c4e451db10317616e557a7aa7922bababa77d5.zip |
fix __ipparse to parse the generic numbers-and-dots IPv4 format correctly
* allow at most 4 parts
* bounds check the parts correctly
* disallow leading whitespace and sign
* check the address family before falling back to IPv6
Diffstat (limited to 'src/network')
-rw-r--r-- | src/network/__ipparse.c | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/src/network/__ipparse.c b/src/network/__ipparse.c index b0647aac..2480265b 100644 --- a/src/network/__ipparse.c +++ b/src/network/__ipparse.c @@ -1,27 +1,31 @@ #include <string.h> #include <stdlib.h> +#include <ctype.h> #include <sys/socket.h> #include <netinet/in.h> #include <arpa/inet.h> #include "__dns.h" -#include <stdio.h> int __ipparse(void *dest, int family, const char *s0) { const char *s = s0; unsigned char *d = dest; unsigned long a[16] = { 0 }; - const char *z; + char *z; int i; if (family == AF_INET6) goto not_v4; for (i=0; i<4; i++) { - a[i] = strtoul(s, (char **)&z, 0); - if (z==s || (*z && *z != '.')) goto not_v4; + a[i] = strtoul(s, &z, 0); + if (z==s || (*z && *z != '.') || !isdigit(*s)) { + if (family == AF_INET) return -1; + goto not_v4; + } if (!*z) break; s=z+1; } + if (i==4) return -1; switch (i) { case 0: a[1] = a[0] & 0xffffff; @@ -35,7 +39,10 @@ int __ipparse(void *dest, int family, const char *s0) } ((struct sockaddr_in *)d)->sin_family = AF_INET; d = (void *)&((struct sockaddr_in *)d)->sin_addr; - for (i=0; i<4; i++) d[i] = a[i]; + for (i=0; i<4; i++) { + if (a[i] > 255) return -1; + d[i] = a[i]; + } return 0; not_v4: |