This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
[COMMITED][BZ #15277] Fix inet_network("1 bar")
- From: OndÅej BÃlka <neleai at seznam dot cz>
- To: Carlos O'Donell <carlos at redhat dot com>
- Cc: libc-alpha at sourceware dot org
- Date: Thu, 17 Oct 2013 18:35:52 +0200
- Subject: [COMMITED][BZ #15277] Fix inet_network("1 bar")
- Authentication-results: sourceware.org; auth=none
- References: <20131008191331 dot GA16990 at domone dot podge> <20131017153944 dot GE31767 at domone dot podge> <52600ADF dot 7060801 at redhat dot com>
On Thu, Oct 17, 2013 at 12:05:51PM -0400, Carlos O'Donell wrote:
> On 10/17/2013 11:39 AM, OndÅej BÃlka wrote:
> > On Tue, Oct 08, 2013 at 09:13:31PM +0200, OndÅej BÃlka wrote:
> >> Hi,
> >>
> >> Here we do not detect that address is invalid as code only checked if
> >> first byte after address is space. This patch checks rest of string for
> >> nonspace characters.
> >>
> >> Author of this bug added several cases to testcase, should we include
> >> them or just 1 bar one.
> >>
> >> https://sourceware.org/bugzilla/show_bug.cgi?id=15277
> >>
> > Here is version that adds one test. OK to commit?
> >
> > [BZ #15277]
> > * inet/inet_net.c (inet_network): Properly detect invalid strings.
>
> Suggest: "Detect additional invalid strings."
>
> > * inet/tst-network.c: Add testcase.
>
> Two nits.
>
> > diff --git a/inet/inet_net.c b/inet/inet_net.c
> > index 68e232f..85ce6b3 100644
> > --- a/inet/inet_net.c
> > +++ b/inet/inet_net.c
> > @@ -81,7 +81,9 @@ again:
> > *pp++ = val, cp++;
> > goto again;
> > }
> > - if (*cp && !isspace(*cp))
> > + while (isspace(*cp))
> > + cp++;
>
> Skip spaces until the next non-space including \0.
>
> This increases the QoI by detecting invalid addresses.
>
> I'm happy with this change because inet_pton would have
> rejected this address also.
>
> > + if (*cp)
>
> If we got to \0 this won't trigger since it's potentially
> a valid string with spaces after it.
>
> > return (INADDR_NONE);
> > if (pp >= parts + 4 || val > 0xff)
> > return (INADDR_NONE);
> > diff --git a/inet/tst-network.c b/inet/tst-network.c
> > index 6b79e62..ae3f938 100644
> > --- a/inet/tst-network.c
> > +++ b/inet/tst-network.c
> > @@ -38,6 +38,7 @@ struct
> > {"0x0", 0},
> > /* Now some invalid addresses. */
> > {"0x", INADDR_NONE},
>
> Add comment "/* Bug 15277. */" to make it easier to know
> why this case was added.
>
> > + {"1 bar", INADDR_NONE},
>
> OK.
>
> > {"141.30.225.2800", INADDR_NONE},
> > {"141.76.1.1.1", INADDR_NONE},
> > {"141.76.1.11.", INADDR_NONE},
> >
>
> Please add the FSF copyright header after the existing
> copyright header since we are adding FSF copyrighted
> material to this file.
>
> OK with those changes.
>
This is what I commited.
---
ChangeLog | 6 ++++++
NEWS | 14 +++++++-------
inet/inet_net.c | 22 +++++++++++++++++++++-
inet/tst-network.c | 1 +
4 files changed, 35 insertions(+), 8 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 83e477d..dc8745a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2013-10-17 OndÅej BÃlka <neleai@seznam.cz>
+
+ [BZ #15277]
+ * inet/inet_net.c (inet_network): Detect additional invalid strings.
+ * inet/tst-network.c: Add testcase.
+
2013-10-17 Andreas Schwab <schwab@suse.de>
[BZ #15218]
diff --git a/NEWS b/NEWS
index 507d8fb..0efdde5 100644
--- a/NEWS
+++ b/NEWS
@@ -10,13 +10,13 @@ Version 2.19
* The following bugs are resolved with this release:
156, 431, 832, 13028, 13982, 13985, 14155, 14547, 14699, 14910, 15048,
- 15218, 15308, 15362, 15400, 15427, 15522, 15531, 15532, 15608, 15609,
- 15610, 15632, 15640, 15672, 15680, 15681, 15723, 15734, 15735, 15736,
- 15748, 15749, 15754, 15760, 15764, 15797, 15844, 15847, 15849, 15855,
- 15856, 15857, 15859, 15867, 15886, 15887, 15890, 15892, 15893, 15895,
- 15897, 15905, 15909, 15919, 15921, 15923, 15939, 15963, 15966, 15988,
- 16032, 15905, 15909, 15919, 15921, 15923, 15939, 15963, 15966, 15988,
- 16032, 16034, 16036, 16041.
+ 15218, 15277, 15308, 15362, 15400, 15427, 15522, 15531, 15532, 15608,
+ 15609, 15610, 15632, 15640, 15672, 15680, 15681, 15723, 15734, 15735,
+ 15736, 15748, 15749, 15754, 15760, 15764, 15797, 15844, 15847, 15849,
+ 15855, 15856, 15857, 15859, 15867, 15886, 15887, 15890, 15892, 15893,
+ 15895, 15897, 15905, 15909, 15919, 15921, 15923, 15939, 15963, 15966,
+ 15895, 15897, 15905, 15909, 15919, 15921, 15923, 15939, 15963, 15966,
+ 15988, 16032, 16034, 16036, 16041.
* CVE-2012-4412 The strcoll implementation caches indices and rules for
large collation sequences to optimize multiple passes. This cache
diff --git a/inet/inet_net.c b/inet/inet_net.c
index 68e232f..5d61c75 100644
--- a/inet/inet_net.c
+++ b/inet/inet_net.c
@@ -27,6 +27,24 @@
* SUCH DAMAGE.
*/
+/* Copyright (C) 2013 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+
#if defined(LIBC_SCCS) && !defined(lint)
static char sccsid[] = "@(#)inet_network.c 8.1 (Berkeley) 6/4/93";
#endif /* LIBC_SCCS and not lint */
@@ -81,7 +99,9 @@ again:
*pp++ = val, cp++;
goto again;
}
- if (*cp && !isspace(*cp))
+ while (isspace(*cp))
+ cp++;
+ if (*cp)
return (INADDR_NONE);
if (pp >= parts + 4 || val > 0xff)
return (INADDR_NONE);
diff --git a/inet/tst-network.c b/inet/tst-network.c
index 6b79e62..2eefb0c 100644
--- a/inet/tst-network.c
+++ b/inet/tst-network.c
@@ -38,6 +38,7 @@ struct
{"0x0", 0},
/* Now some invalid addresses. */
{"0x", INADDR_NONE},
+ {"1 bar", INADDR_NONE}, /* Bug 15277. */
{"141.30.225.2800", INADDR_NONE},
{"141.76.1.1.1", INADDR_NONE},
{"141.76.1.11.", INADDR_NONE},
--
1.8.4.rc3