This is the mail archive of the libc-hacker@sourceware.cygnus.com mailing list for the glibc project.
Note that libc-hacker is a closed list. You may look at the archives of this list, but subscription and posting are not open.
| Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
|---|---|---|
| Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
The appended patch fixes PR libc/1567 and comes directly from bind
8.2.2.
The reporter called:
inet_network ("141.76.1.11.")
which lead to a segmentation fault since we wrote into parts[4] (parts
has only four elements) :-(.
The patch should go into glibc 2.1.3 and 2.2.
Andreas
2000-01-31 Andreas Jaeger <aj@suse.de>
* inet/inet_net.c (inet_network): Synch with bind 8.2.2. Fixes PR
libc/1567.
--- libc-clean/inet/inet_net.c Wed Jun 9 06:55:53 1999
+++ libc/inet/inet_net.c Mon Jan 31 08:49:54 2000
@@ -48,28 +48,35 @@
register u_int32_t val, base, n, i;
register char c;
u_int32_t parts[4], *pp = parts;
+ int digit;
again:
- val = 0; base = 10;
+ val = 0; base = 10; digit = 0;
if (*cp == '0')
- base = 8, cp++;
+ digit = 1, base = 8, cp++;
if (*cp == 'x' || *cp == 'X')
base = 16, cp++;
- while ((c = *cp)) {
+ while ((c = *cp) != 0) {
if (isdigit(c)) {
+ if (base == 8 && (c == '8' || c == '9'))
+ return (INADDR_NONE);
val = (val * base) + (c - '0');
cp++;
+ digit = 1;
continue;
}
if (base == 16 && isxdigit(c)) {
val = (val << 4) + (c + 10 - (islower(c) ? 'a' : 'A'));
cp++;
+ digit = 1;
continue;
}
break;
}
+ if (!digit)
+ return (INADDR_NONE);
if (*cp == '.') {
- if (pp >= parts + 4)
+ if (pp >= parts + 4 || val > 0xff)
return (INADDR_NONE);
*pp++ = val, cp++;
goto again;
--
Andreas Jaeger
SuSE Labs aj@suse.de
private aj@arthur.rhein-neckar.de
| Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
|---|---|---|
| Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |