aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog6
-rw-r--r--NEWS14
-rw-r--r--inet/inet_net.c22
-rw-r--r--inet/tst-network.c1
4 files changed, 35 insertions, 8 deletions
diff --git a/ChangeLog b/ChangeLog
index 83e477d..dc8745a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2013-10-17 Ondřej Bílka <neleai@seznam.cz>
+
+ [BZ #15277]
+ * inet/inet_net.c (inet_network): Detect additional invalid strings.
+ * inet/tst-network.c: Add testcase.
+
2013-10-17 Andreas Schwab <schwab@suse.de>
[BZ #15218]
diff --git a/NEWS b/NEWS
index 507d8fb..0efdde5 100644
--- a/NEWS
+++ b/NEWS
@@ -10,13 +10,13 @@ Version 2.19
* The following bugs are resolved with this release:
156, 431, 832, 13028, 13982, 13985, 14155, 14547, 14699, 14910, 15048,
- 15218, 15308, 15362, 15400, 15427, 15522, 15531, 15532, 15608, 15609,
- 15610, 15632, 15640, 15672, 15680, 15681, 15723, 15734, 15735, 15736,
- 15748, 15749, 15754, 15760, 15764, 15797, 15844, 15847, 15849, 15855,
- 15856, 15857, 15859, 15867, 15886, 15887, 15890, 15892, 15893, 15895,
- 15897, 15905, 15909, 15919, 15921, 15923, 15939, 15963, 15966, 15988,
- 16032, 15905, 15909, 15919, 15921, 15923, 15939, 15963, 15966, 15988,
- 16032, 16034, 16036, 16041.
+ 15218, 15277, 15308, 15362, 15400, 15427, 15522, 15531, 15532, 15608,
+ 15609, 15610, 15632, 15640, 15672, 15680, 15681, 15723, 15734, 15735,
+ 15736, 15748, 15749, 15754, 15760, 15764, 15797, 15844, 15847, 15849,
+ 15855, 15856, 15857, 15859, 15867, 15886, 15887, 15890, 15892, 15893,
+ 15895, 15897, 15905, 15909, 15919, 15921, 15923, 15939, 15963, 15966,
+ 15895, 15897, 15905, 15909, 15919, 15921, 15923, 15939, 15963, 15966,
+ 15988, 16032, 16034, 16036, 16041.
* CVE-2012-4412 The strcoll implementation caches indices and rules for
large collation sequences to optimize multiple passes. This cache
diff --git a/inet/inet_net.c b/inet/inet_net.c
index 68e232f..5d61c75 100644
--- a/inet/inet_net.c
+++ b/inet/inet_net.c
@@ -27,6 +27,24 @@
* SUCH DAMAGE.
*/
+/* Copyright (C) 2013 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+
#if defined(LIBC_SCCS) && !defined(lint)
static char sccsid[] = "@(#)inet_network.c 8.1 (Berkeley) 6/4/93";
#endif /* LIBC_SCCS and not lint */
@@ -81,7 +99,9 @@ again:
*pp++ = val, cp++;
goto again;
}
- if (*cp && !isspace(*cp))
+ while (isspace(*cp))
+ cp++;
+ if (*cp)
return (INADDR_NONE);
if (pp >= parts + 4 || val > 0xff)
return (INADDR_NONE);
diff --git a/inet/tst-network.c b/inet/tst-network.c
index 6b79e62..2eefb0c 100644
--- a/inet/tst-network.c
+++ b/inet/tst-network.c
@@ -38,6 +38,7 @@ struct
{"0x0", 0},
/* Now some invalid addresses. */
{"0x", INADDR_NONE},
+ {"1 bar", INADDR_NONE}, /* Bug 15277. */
{"141.30.225.2800", INADDR_NONE},
{"141.76.1.1.1", INADDR_NONE},
{"141.76.1.11.", INADDR_NONE},