Mercurial > hg > nginx
comparison src/core/ngx_inet.c @ 6138:bc47a7a8159c
Fixed overflow detection in ngx_inet_addr().
Overflow detection of the last octet might not work.
Reported by Sergey Polovko.
author | Valentin Bartenev <vbart@nginx.com> |
---|---|
date | Tue, 28 Apr 2015 18:55:03 +0300 |
parents | 550212836c8f |
children | 5df5d7d771f6 |
comparison
equal
deleted
inserted
replaced
6137:5d0c9405af71 | 6138:bc47a7a8159c |
---|---|
24 addr = 0; | 24 addr = 0; |
25 octet = 0; | 25 octet = 0; |
26 n = 0; | 26 n = 0; |
27 | 27 |
28 for (p = text; p < text + len; p++) { | 28 for (p = text; p < text + len; p++) { |
29 | |
30 if (octet > 255) { | |
31 return INADDR_NONE; | |
32 } | |
33 | |
34 c = *p; | 29 c = *p; |
35 | 30 |
36 if (c >= '0' && c <= '9') { | 31 if (c >= '0' && c <= '9') { |
37 octet = octet * 10 + (c - '0'); | 32 octet = octet * 10 + (c - '0'); |
33 | |
34 if (octet > 255) { | |
35 return INADDR_NONE; | |
36 } | |
37 | |
38 continue; | 38 continue; |
39 } | 39 } |
40 | 40 |
41 if (c == '.') { | 41 if (c == '.') { |
42 addr = (addr << 8) + octet; | 42 addr = (addr << 8) + octet; |