Welcome! Log In Create A New Profile

Advanced

[nginx] Overflow detection in ngx_inet_addr().

Ruslan Ermilov
March 17, 2015 06:00AM
details: http://hg.nginx.org/nginx/rev/550212836c8f
branches:
changeset: 6012:550212836c8f
user: Ruslan Ermilov <ru@nginx.com>
date: Tue Mar 17 00:26:22 2015 +0300
description:
Overflow detection in ngx_inet_addr().

diffstat:

src/core/ngx_inet.c | 8 ++++++--
1 files changed, 6 insertions(+), 2 deletions(-)

diffs (32 lines):

diff -r 429a8c65f0a7 -r 550212836c8f src/core/ngx_inet.c
--- a/src/core/ngx_inet.c Tue Mar 17 00:26:20 2015 +0300
+++ b/src/core/ngx_inet.c Tue Mar 17 00:26:22 2015 +0300
@@ -27,6 +27,10 @@ ngx_inet_addr(u_char *text, size_t len)

for (p = text; p < text + len; p++) {

+ if (octet > 255) {
+ return INADDR_NONE;
+ }
+
c = *p;

if (c >= '0' && c <= '9') {
@@ -34,7 +38,7 @@ ngx_inet_addr(u_char *text, size_t len)
continue;
}

- if (c == '.' && octet < 256) {
+ if (c == '.') {
addr = (addr << 8) + octet;
octet = 0;
n++;
@@ -44,7 +48,7 @@ ngx_inet_addr(u_char *text, size_t len)
return INADDR_NONE;
}

- if (n == 3 && octet < 256) {
+ if (n == 3) {
addr = (addr << 8) + octet;
return htonl(addr);
}

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
Subject Author Views Posted

[nginx] Overflow detection in ngx_inet_addr().

Ruslan Ermilov 457 March 17, 2015 06:00AM



Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 318
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready