diff options
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | NEWS | 14 | ||||
-rw-r--r-- | inet/inet_net.c | 22 | ||||
-rw-r--r-- | inet/tst-network.c | 1 |
4 files changed, 35 insertions, 8 deletions
@@ -1,3 +1,9 @@ +2013-10-17 Ondřej Bílka <neleai@seznam.cz> + + [BZ #15277] + * inet/inet_net.c (inet_network): Detect additional invalid strings. + * inet/tst-network.c: Add testcase. + 2013-10-17 Andreas Schwab <schwab@suse.de> [BZ #15218] @@ -10,13 +10,13 @@ Version 2.19 * The following bugs are resolved with this release: 156, 431, 832, 13028, 13982, 13985, 14155, 14547, 14699, 14910, 15048, - 15218, 15308, 15362, 15400, 15427, 15522, 15531, 15532, 15608, 15609, - 15610, 15632, 15640, 15672, 15680, 15681, 15723, 15734, 15735, 15736, - 15748, 15749, 15754, 15760, 15764, 15797, 15844, 15847, 15849, 15855, - 15856, 15857, 15859, 15867, 15886, 15887, 15890, 15892, 15893, 15895, - 15897, 15905, 15909, 15919, 15921, 15923, 15939, 15963, 15966, 15988, - 16032, 15905, 15909, 15919, 15921, 15923, 15939, 15963, 15966, 15988, - 16032, 16034, 16036, 16041. + 15218, 15277, 15308, 15362, 15400, 15427, 15522, 15531, 15532, 15608, + 15609, 15610, 15632, 15640, 15672, 15680, 15681, 15723, 15734, 15735, + 15736, 15748, 15749, 15754, 15760, 15764, 15797, 15844, 15847, 15849, + 15855, 15856, 15857, 15859, 15867, 15886, 15887, 15890, 15892, 15893, + 15895, 15897, 15905, 15909, 15919, 15921, 15923, 15939, 15963, 15966, + 15895, 15897, 15905, 15909, 15919, 15921, 15923, 15939, 15963, 15966, + 15988, 16032, 16034, 16036, 16041. * CVE-2012-4412 The strcoll implementation caches indices and rules for large collation sequences to optimize multiple passes. This cache diff --git a/inet/inet_net.c b/inet/inet_net.c index 68e232f..5d61c75 100644 --- a/inet/inet_net.c +++ b/inet/inet_net.c @@ -27,6 +27,24 @@ * SUCH DAMAGE. */ +/* Copyright (C) 2013 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + <http://www.gnu.org/licenses/>. */ + + #if defined(LIBC_SCCS) && !defined(lint) static char sccsid[] = "@(#)inet_network.c 8.1 (Berkeley) 6/4/93"; #endif /* LIBC_SCCS and not lint */ @@ -81,7 +99,9 @@ again: *pp++ = val, cp++; goto again; } - if (*cp && !isspace(*cp)) + while (isspace(*cp)) + cp++; + if (*cp) return (INADDR_NONE); if (pp >= parts + 4 || val > 0xff) return (INADDR_NONE); diff --git a/inet/tst-network.c b/inet/tst-network.c index 6b79e62..2eefb0c 100644 --- a/inet/tst-network.c +++ b/inet/tst-network.c @@ -38,6 +38,7 @@ struct {"0x0", 0}, /* Now some invalid addresses. */ {"0x", INADDR_NONE}, + {"1 bar", INADDR_NONE}, /* Bug 15277. */ {"141.30.225.2800", INADDR_NONE}, {"141.76.1.1.1", INADDR_NONE}, {"141.76.1.11.", INADDR_NONE}, |