Module Name: src
Committed By: christos
Date: Sun Mar 6 16:00:20 UTC 2011
Modified Files:
src/lib/libc/inet: inet_net_pton.c
Log Message:
Check bits on each loop to prevent integer oveflow.
Reported by Maksymilian Arciemowicz
To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 src/lib/libc/inet/inet_net_pton.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/lib/libc/inet/inet_net_pton.c
diff -u src/lib/libc/inet/inet_net_pton.c:1.1 src/lib/libc/inet/inet_net_pton.c:1.2
--- src/lib/libc/inet/inet_net_pton.c:1.1 Thu May 20 19:13:02 2004
+++ src/lib/libc/inet/inet_net_pton.c Sun Mar 6 11:00:20 2011
@@ -20,7 +20,7 @@
#if 0
static const char rcsid[] = "Id: inet_net_pton.c,v 1.4.2.1 2002/08/02 02:17:21 marka Exp ";
#else
-__RCSID("$NetBSD: inet_net_pton.c,v 1.1 2004/05/20 23:13:02 christos Exp $");
+__RCSID("$NetBSD: inet_net_pton.c,v 1.2 2011/03/06 16:00:20 christos Exp $");
#endif
#endif
@@ -145,12 +145,12 @@
INSIST(n >= 0 && n <= 9);
bits *= 10;
bits += n;
+ if (bits > 32)
+ goto emsgsize;
} while ((ch = *src++) != '\0' && isascii((u_char)ch)
&& isdigit((u_char)ch));
if (ch != '\0')
goto enoent;
- if (bits > 32)
- goto emsgsize;
}
/* Firey death and destruction unless we prefetched EOS. */
