diff --git a/CHANGES b/CHANGES index 03e6c64510..caafe97e27 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,9 @@ +1844. [bug] inet_pton() accepted more that 4 hexadecimal digits + for each 16 bit piece of the IPv6 address. The text + representation of a IPv6 address has been tighted + to disallow this (draft-ietf-ipv6-addr-arch-v4-02.txt). + [RT #5662] + 1843. [cleanup] CINCLUDES takes precedence over CFLAGS. This helps when CFLAGS contains "-I /usr/local/include" resulting in old header files being used. diff --git a/lib/isc/inet_pton.c b/lib/isc/inet_pton.c index 487f9e6bbe..71ec5fceef 100644 --- a/lib/isc/inet_pton.c +++ b/lib/isc/inet_pton.c @@ -17,7 +17,7 @@ #if defined(LIBC_SCCS) && !defined(lint) static char rcsid[] = - "$Id: inet_pton.c,v 1.13 2004/03/05 05:10:46 marka Exp $"; + "$Id: inet_pton.c,v 1.13.18.1 2005/03/31 07:26:45 marka Exp $"; #endif /* LIBC_SCCS and not lint */ #include @@ -132,7 +132,7 @@ inet_pton6(const char *src, unsigned char *dst) { xdigits_u[] = "0123456789ABCDEF"; unsigned char tmp[NS_IN6ADDRSZ], *tp, *endp, *colonp; const char *xdigits, *curtok; - int ch, saw_xdigit; + int ch, seen_xdigits; unsigned int val; memset((tp = tmp), '\0', NS_IN6ADDRSZ); @@ -143,7 +143,7 @@ inet_pton6(const char *src, unsigned char *dst) { if (*++src != ':') return (0); curtok = src; - saw_xdigit = 0; + seen_xdigits = 0; val = 0; while ((ch = *src++) != '\0') { const char *pch; @@ -153,14 +153,13 @@ inet_pton6(const char *src, unsigned char *dst) { if (pch != NULL) { val <<= 4; val |= (pch - xdigits); - if (val > 0xffff) + if (++seen_xdigits > 4) return (0); - saw_xdigit = 1; continue; } if (ch == ':') { curtok = src; - if (!saw_xdigit) { + if (!seen_xdigits) { if (colonp) return (0); colonp = tp; @@ -170,19 +169,19 @@ inet_pton6(const char *src, unsigned char *dst) { return (0); *tp++ = (unsigned char) (val >> 8) & 0xff; *tp++ = (unsigned char) val & 0xff; - saw_xdigit = 0; + seen_xdigits = 0; val = 0; continue; } if (ch == '.' && ((tp + NS_INADDRSZ) <= endp) && inet_pton4(curtok, tp) > 0) { tp += NS_INADDRSZ; - saw_xdigit = 0; + seen_xdigits = 0; break; /* '\0' was seen by inet_pton4(). */ } return (0); } - if (saw_xdigit) { + if (seen_xdigits) { if (tp + NS_INT16SZ > endp) return (0); *tp++ = (unsigned char) (val >> 8) & 0xff; diff --git a/lib/lwres/lwinetpton.c b/lib/lwres/lwinetpton.c index eae5d6c0ab..f7673cf4d5 100644 --- a/lib/lwres/lwinetpton.c +++ b/lib/lwres/lwinetpton.c @@ -16,7 +16,7 @@ */ #if defined(LIBC_SCCS) && !defined(lint) -static char rcsid[] = "$Id: lwinetpton.c,v 1.7 2004/03/05 05:12:46 marka Exp $"; +static char rcsid[] = "$Id: lwinetpton.c,v 1.7.18.1 2005/03/31 07:26:45 marka Exp $"; #endif /* LIBC_SCCS and not lint */ #include @@ -129,7 +129,7 @@ inet_pton6(const char *src, unsigned char *dst) { xdigits_u[] = "0123456789ABCDEF"; unsigned char tmp[NS_IN6ADDRSZ], *tp, *endp, *colonp; const char *xdigits, *curtok; - int ch, saw_xdigit; + int ch, seen_xdigits; unsigned int val; memset((tp = tmp), '\0', NS_IN6ADDRSZ); @@ -140,7 +140,7 @@ inet_pton6(const char *src, unsigned char *dst) { if (*++src != ':') return (0); curtok = src; - saw_xdigit = 0; + seen_xdigits = 0; val = 0; while ((ch = *src++) != '\0') { const char *pch; @@ -150,14 +150,13 @@ inet_pton6(const char *src, unsigned char *dst) { if (pch != NULL) { val <<= 4; val |= (pch - xdigits); - if (val > 0xffff) + if (++seen_xdigits > 4) return (0); - saw_xdigit = 1; continue; } if (ch == ':') { curtok = src; - if (!saw_xdigit) { + if (!seen_xdigits) { if (colonp) return (0); colonp = tp; @@ -167,19 +166,19 @@ inet_pton6(const char *src, unsigned char *dst) { return (0); *tp++ = (unsigned char) (val >> 8) & 0xff; *tp++ = (unsigned char) val & 0xff; - saw_xdigit = 0; + seen_xdigits = 0; val = 0; continue; } if (ch == '.' && ((tp + NS_INADDRSZ) <= endp) && inet_pton4(curtok, tp) > 0) { tp += NS_INADDRSZ; - saw_xdigit = 0; + seen_xdigits = 0; break; /* '\0' was seen by inet_pton4(). */ } return (0); } - if (saw_xdigit) { + if (seen_xdigits) { if (tp + NS_INT16SZ > endp) return (0); *tp++ = (unsigned char) (val >> 8) & 0xff;