diff options
| author | Tobias Stoeckmann <tobias@stoeckmann.org> | 2025-02-12 19:46:06 +0100 |
|---|---|---|
| committer | Adhemerval Zanella <adhemerval.zanella@linaro.org> | 2025-02-13 16:31:28 -0300 |
| commit | 6a3cb6b1bd63e167fc525cce07010ff78197b271 (patch) | |
| tree | 7fcc3d2f846503b5ee993096c0ad6212aa0cdc2c /inet | |
| parent | 991febc2f46d51801691bbd489d290820728d241 (diff) | |
| download | glibc-6a3cb6b1bd63e167fc525cce07010ff78197b271.tar.xz glibc-6a3cb6b1bd63e167fc525cce07010ff78197b271.zip | |
nss: Improve network number parsers (bz 32573, 32575)
Make sure that numbers never overflow uint32_t in inet_network to
properly validate octets encountered in IPv4 addresses.
Avoid malloca in NSS networks file code because /etc/networks lines
can be arbitrarily long. Instead of handcrafting the input for
inet_network by adding ".0" octets if they are missing, just left shift
the result. Also, do not accept invalid entries, but ignore the line
instead.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Diffstat (limited to 'inet')
| -rw-r--r-- | inet/inet_net.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/inet/inet_net.c b/inet/inet_net.c index 50b526705d..13a818176d 100644 --- a/inet/inet_net.c +++ b/inet/inet_net.c @@ -69,6 +69,8 @@ again: if (*cp == 'x' || *cp == 'X') digit = 0, base = 16, cp++; while ((c = *cp) != 0) { + if (val > 0xff) + return (INADDR_NONE); if (isdigit(c)) { if (base == 8 && (c == '8' || c == '9')) return (INADDR_NONE); |