Halaman utama Jelajahi Bantuan
Masuk
hongwenjun
/
musl
cermin dari https://git.musl-libc.org/git/musl
1
0
Fork 0
Berkas Masalah 0 Wiki
Jelajahi Sumber

fix internal buffer overrun in inet_pton

one stop condition for parsing abbreviated ipv6 addressed was missed,
allowing the internal ip[] buffer to overflow. this patch adds the
missing stop condition and masks the array index so that, in case
there are any remaining stop conditions missing, overflowing the
buffer is not possible.
Rich Felker 10 tahun lalu
induk
7c8c86f630
melakukan
fc13acc3dc
1 mengubah file dengan 3 tambahan dan 2 penghapusan
Tampilan Split Tampilkan Statistik Diff
  1. 3 2
      src/network/inet_pton.c

+ 3 - 2
src/network/inet_pton.c
Tampilan Berkas 

@@ -39,14 +39,15 @@ int inet_pton(int af, const char *restrict s, void *restrict a0)
 
 	for (i=0; ; i++) {
 
 		if (s[0]==':' && brk<0) {
 
 			brk=i;
 
-			ip[i]=0;
 
+			ip[i&7]=0;
 
 			if (!*++s) break;
 
+			if (i==7) return 0;
 
 			continue;
 
 		}
 
 		for (v=j=0; j<4 && (d=hexval(s[j]))>=0; j++)
 
 			v=16*v+d;
 
 		if (j==0) return 0;
 
-		ip[i] = v;
 
+		ip[i&7] = v;
 
 		if (!s[j] && (brk>=0 || i==7)) break;
 
 		if (i==7) return 0;
 
 		if (s[j]!=':') {