Inicio Explorar Axuda
Iniciar sesión
hongwenjun
/
musl
réplica de https://git.musl-libc.org/git/musl
1
0
Fork 0
Ficheiros Incidencias 0 Wiki
Explorar o código

fix internal buffer overrun in inet_pton

one stop condition for parsing abbreviated ipv6 addressed was missed,
allowing the internal ip[] buffer to overflow. this patch adds the
missing stop condition and masks the array index so that, in case
there are any remaining stop conditions missing, overflowing the
buffer is not possible.

(cherry picked from commit fc13acc3dcb5b1f215c007f583a63551f6a71363)
Rich Felker %!s(int64=10) %!d(string=hai) anos
pai
ee6f8114df
achega
f0a5b139ef
Modificáronse 1 ficheiros con 3 adicións e 2 borrados
Dividir vista Mostrar estatísticas de Diff
  1. 3 2
      src/network/inet_pton.c

+ 3 - 2
src/network/inet_pton.c
Ver ficheiro 

@@ -39,14 +39,15 @@ int inet_pton(int af, const char *restrict s, void *restrict a0)
 
 	for (i=0; ; i++) {
 
 		if (s[0]==':' && brk<0) {
 
 			brk=i;
 
-			ip[i]=0;
 
+			ip[i&7]=0;
 
 			if (!*++s) break;
 
+			if (i==7) return 0;
 
 			continue;
 
 		}
 
 		for (v=j=0; j<4 && (d=hexval(s[j]))>=0; j++)
 
 			v=16*v+d;
 
 		if (j==0) return 0;
 
-		ip[i] = v;
 
+		ip[i&7] = v;
 
 		if (!s[j] && (brk>=0 || i==7)) break;
 
 		if (i==7) return 0;
 
 		if (s[j]!=':') {