CVE: CVE-2016-10739 Upstream-Status: Backport Signed-off-by: Ross Burton From 8e92ca5dd7a7e38a4dddf1ebc4e1e8f0cb27e4aa Mon Sep 17 00:00:00 2001 From: Florian Weimer Date: Mon, 21 Jan 2019 08:59:42 +0100 Subject: [PATCH] resolv: Reformat inet_addr, inet_aton to GNU style (cherry picked from commit 5e30b8ef0758763effa115634e0ed7d8938e4bc0) --- ChangeLog | 5 ++ resolv/inet_addr.c | 192 ++++++++++++++++++++++++++++------------------------- 2 files changed, 106 insertions(+), 91 deletions(-) diff --git a/resolv/inet_addr.c b/resolv/inet_addr.c index 022f7ea084..32f58b0e13 100644 --- a/resolv/inet_addr.c +++ b/resolv/inet_addr.c @@ -1,3 +1,21 @@ +/* Legacy IPv4 text-to-address functions. + Copyright (C) 2019 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + /* * Copyright (c) 1983, 1990, 1993 * The Regents of the University of California. All rights reserved. @@ -78,105 +96,97 @@ #include #include -/* - * Ascii internet address interpretation routine. - * The value returned is in network order. - */ +/* ASCII IPv4 Internet address interpretation routine. The value + returned is in network order. */ in_addr_t -__inet_addr(const char *cp) { - struct in_addr val; +__inet_addr (const char *cp) +{ + struct in_addr val; - if (__inet_aton(cp, &val)) - return (val.s_addr); - return (INADDR_NONE); + if (__inet_aton (cp, &val)) + return val.s_addr; + return INADDR_NONE; } weak_alias (__inet_addr, inet_addr) -/* - * Check whether "cp" is a valid ascii representation - * of an Internet address and convert to a binary address. - * Returns 1 if the address is valid, 0 if not. - * This replaces inet_addr, the return value from which - * cannot distinguish between failure and a local broadcast address. - */ +/* Check whether "cp" is a valid ASCII representation of an IPv4 + Internet address and convert it to a binary address. Returns 1 if + the address is valid, 0 if not. This replaces inet_addr, the + return value from which cannot distinguish between failure and a + local broadcast address. */ int -__inet_aton(const char *cp, struct in_addr *addr) +__inet_aton (const char *cp, struct in_addr *addr) { - static const in_addr_t max[4] = { 0xffffffff, 0xffffff, 0xffff, 0xff }; - in_addr_t val; - char c; - union iaddr { - uint8_t bytes[4]; - uint32_t word; - } res; - uint8_t *pp = res.bytes; - int digit; - - int saved_errno = errno; - __set_errno (0); - - res.word = 0; - - c = *cp; - for (;;) { - /* - * Collect number up to ``.''. - * Values are specified as for C: - * 0x=hex, 0=octal, isdigit=decimal. - */ - if (!isdigit(c)) - goto ret_0; - { - char *endp; - unsigned long ul = strtoul (cp, (char **) &endp, 0); - if (ul == ULONG_MAX && errno == ERANGE) - goto ret_0; - if (ul > 0xfffffffful) - goto ret_0; - val = ul; - digit = cp != endp; - cp = endp; - } - c = *cp; - if (c == '.') { - /* - * Internet format: - * a.b.c.d - * a.b.c (with c treated as 16 bits) - * a.b (with b treated as 24 bits) - */ - if (pp > res.bytes + 2 || val > 0xff) - goto ret_0; - *pp++ = val; - c = *++cp; - } else - break; - } - /* - * Check for trailing characters. - */ - if (c != '\0' && (!isascii(c) || !isspace(c))) - goto ret_0; - /* - * Did we get a valid digit? - */ - if (!digit) - goto ret_0; - - /* Check whether the last part is in its limits depending on - the number of parts in total. */ - if (val > max[pp - res.bytes]) + static const in_addr_t max[4] = { 0xffffffff, 0xffffff, 0xffff, 0xff }; + in_addr_t val; + char c; + union iaddr + { + uint8_t bytes[4]; + uint32_t word; + } res; + uint8_t *pp = res.bytes; + int digit; + + int saved_errno = errno; + __set_errno (0); + + res.word = 0; + + c = *cp; + for (;;) + { + /* Collect number up to ``.''. Values are specified as for C: + 0x=hex, 0=octal, isdigit=decimal. */ + if (!isdigit (c)) + goto ret_0; + { + char *endp; + unsigned long ul = strtoul (cp, &endp, 0); + if (ul == ULONG_MAX && errno == ERANGE) goto ret_0; - - if (addr != NULL) - addr->s_addr = res.word | htonl (val); - - __set_errno (saved_errno); - return (1); - -ret_0: - __set_errno (saved_errno); - return (0); + if (ul > 0xfffffffful) + goto ret_0; + val = ul; + digit = cp != endp; + cp = endp; + } + c = *cp; + if (c == '.') + { + /* Internet format: + a.b.c.d + a.b.c (with c treated as 16 bits) + a.b (with b treated as 24 bits). */ + if (pp > res.bytes + 2 || val > 0xff) + goto ret_0; + *pp++ = val; + c = *++cp; + } + else + break; + } + /* Check for trailing characters. */ + if (c != '\0' && (!isascii (c) || !isspace (c))) + goto ret_0; + /* Did we get a valid digit? */ + if (!digit) + goto ret_0; + + /* Check whether the last part is in its limits depending on the + number of parts in total. */ + if (val > max[pp - res.bytes]) + goto ret_0; + + if (addr != NULL) + addr->s_addr = res.word | htonl (val); + + __set_errno (saved_errno); + return 1; + + ret_0: + __set_errno (saved_errno); + return 0; } weak_alias (__inet_aton, inet_aton) libc_hidden_def (__inet_aton) -- 2.11.0