This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH][BZ #15277] Fix inet_network("1 bar")
- From: "Carlos O'Donell" <carlos at redhat dot com>
- To: OndÅej BÃlka <neleai at seznam dot cz>
- Cc: libc-alpha at sourceware dot org
- Date: Thu, 17 Oct 2013 12:05:51 -0400
- Subject: Re: [PATCH][BZ #15277] Fix inet_network("1 bar")
- Authentication-results: sourceware.org; auth=none
- References: <20131008191331 dot GA16990 at domone dot podge> <20131017153944 dot GE31767 at domone dot podge>
On 10/17/2013 11:39 AM, OndÅej BÃlka wrote:
> On Tue, Oct 08, 2013 at 09:13:31PM +0200, OndÅej BÃlka wrote:
>> Hi,
>>
>> Here we do not detect that address is invalid as code only checked if
>> first byte after address is space. This patch checks rest of string for
>> nonspace characters.
>>
>> Author of this bug added several cases to testcase, should we include
>> them or just 1 bar one.
>>
>> https://sourceware.org/bugzilla/show_bug.cgi?id=15277
>>
> Here is version that adds one test. OK to commit?
>
> [BZ #15277]
> * inet/inet_net.c (inet_network): Properly detect invalid strings.
Suggest: "Detect additional invalid strings."
> * inet/tst-network.c: Add testcase.
Two nits.
> diff --git a/inet/inet_net.c b/inet/inet_net.c
> index 68e232f..85ce6b3 100644
> --- a/inet/inet_net.c
> +++ b/inet/inet_net.c
> @@ -81,7 +81,9 @@ again:
> *pp++ = val, cp++;
> goto again;
> }
> - if (*cp && !isspace(*cp))
> + while (isspace(*cp))
> + cp++;
Skip spaces until the next non-space including \0.
This increases the QoI by detecting invalid addresses.
I'm happy with this change because inet_pton would have
rejected this address also.
> + if (*cp)
If we got to \0 this won't trigger since it's potentially
a valid string with spaces after it.
> return (INADDR_NONE);
> if (pp >= parts + 4 || val > 0xff)
> return (INADDR_NONE);
> diff --git a/inet/tst-network.c b/inet/tst-network.c
> index 6b79e62..ae3f938 100644
> --- a/inet/tst-network.c
> +++ b/inet/tst-network.c
> @@ -38,6 +38,7 @@ struct
> {"0x0", 0},
> /* Now some invalid addresses. */
> {"0x", INADDR_NONE},
Add comment "/* Bug 15277. */" to make it easier to know
why this case was added.
> + {"1 bar", INADDR_NONE},
OK.
> {"141.30.225.2800", INADDR_NONE},
> {"141.76.1.1.1", INADDR_NONE},
> {"141.76.1.11.", INADDR_NONE},
>
Please add the FSF copyright header after the existing
copyright header since we are adding FSF copyrighted
material to this file.
OK with those changes.
Cheers,
Carlos.