CVSROOT: /cvs Module name: src Changes by: flor...@cvs.openbsd.org 2021/01/19 09:43:44
Modified files: lib/libc/net : inet_net_pton.c Log message: Prevent an overflow in inet_net_pton(3) when the passed in buffer is too small in the AF_INET6 case. Spotted by Brad House (brad AT brad-house.com) with the c-ares regression test. The man page says Caution: The dst field should be zeroed before calling inet_net_pton() as the function will only fill the number of bytes necessary to encode the network number in network byte order. Which seems to suggest that the function should work if the passed in storage is big enough to hold the prefix, which might be smaller than sizeof(in6_addr). Input & OK tb