Fix inet_network("1 bar"). Fixes bug 15277.

git-mirror · Oct 17, 2013 · 264aad1 · 264aad1
1 parent b957ced
commit 264aad1
Show file tree

Hide file tree

Showing 4 changed files with 35 additions and 8 deletions.
diff --git a/ChangeLog b/ChangeLog
@@ -1,3 +1,9 @@
+2013-10-17  Ondřej Bílka  <neleai@seznam.cz>
+
+	[BZ #15277]
+	* inet/inet_net.c (inet_network): Detect additional invalid strings.
+	* inet/tst-network.c: Add testcase.
+
 2013-10-17  Andreas Schwab  <schwab@suse.de>
 
 	[BZ #15218]

diff --git a/NEWS b/NEWS
@@ -10,13 +10,13 @@ Version 2.19
 * The following bugs are resolved with this release:
 
   156, 431, 832, 13028, 13982, 13985, 14155, 14547, 14699, 14910, 15048,
-  15218, 15308, 15362, 15400, 15427, 15522, 15531, 15532, 15608, 15609,
-  15610, 15632, 15640, 15672, 15680, 15681, 15723, 15734, 15735, 15736,
-  15748, 15749, 15754, 15760, 15764, 15797, 15844, 15847, 15849, 15855,
-  15856, 15857, 15859, 15867, 15886, 15887, 15890, 15892, 15893, 15895,
-  15897, 15905, 15909, 15919, 15921, 15923, 15939, 15963, 15966, 15988,
-  16032, 15905, 15909, 15919, 15921, 15923, 15939, 15963, 15966, 15988,
-  16032, 16034, 16036, 16041.
+  15218, 15277, 15308, 15362, 15400, 15427, 15522, 15531, 15532, 15608,
+  15609, 15610, 15632, 15640, 15672, 15680, 15681, 15723, 15734, 15735,
+  15736, 15748, 15749, 15754, 15760, 15764, 15797, 15844, 15847, 15849,
+  15855, 15856, 15857, 15859, 15867, 15886, 15887, 15890, 15892, 15893,
+  15895, 15897, 15905, 15909, 15919, 15921, 15923, 15939, 15963, 15966,
+  15895, 15897, 15905, 15909, 15919, 15921, 15923, 15939, 15963, 15966,
+  15988, 16032, 16034, 16036, 16041.
 
 * CVE-2012-4412 The strcoll implementation caches indices and rules for
   large collation sequences to optimize multiple passes.  This cache

diff --git a/inet/inet_net.c b/inet/inet_net.c
@@ -27,6 +27,24 @@
  * SUCH DAMAGE.
  */
 
+/* Copyright (C) 2013 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <http://www.gnu.org/licenses/>.  */
+
+
 #if defined(LIBC_SCCS) && !defined(lint)
 static char sccsid[] = "@(#)inet_network.c	8.1 (Berkeley) 6/4/93";
 #endif /* LIBC_SCCS and not lint */
@@ -81,7 +99,9 @@ inet_network(cp)
 		*pp++ = val, cp++;
 		goto again;
 	}
-	if (*cp && !isspace(*cp))
+	while (isspace(*cp))
+		cp++;
+	if (*cp)
 		return (INADDR_NONE);
 	if (pp >= parts + 4 || val > 0xff)
 		return (INADDR_NONE);

diff --git a/inet/tst-network.c b/inet/tst-network.c
@@ -38,6 +38,7 @@ struct
   {"0x0", 0},
   /* Now some invalid addresses.  */
   {"0x", INADDR_NONE},
+  {"1 bar", INADDR_NONE}, /* Bug 15277.  */
   {"141.30.225.2800", INADDR_NONE},
   {"141.76.1.1.1", INADDR_NONE},
   {"141.76.1.11.", INADDR_NONE},