diff options
author | cperciva <cperciva@FreeBSD.org> | 2008-01-14 22:56:05 +0000 |
---|---|---|
committer | cperciva <cperciva@FreeBSD.org> | 2008-01-14 22:56:05 +0000 |
commit | 533f13b8b27556700f86522a104894994e90f98b (patch) | |
tree | 1b8a86b5a99f9962b4056d9beed2656f413eda11 /lib/libc/inet | |
parent | ed5c5e33bff2d3d10c74801eb63aa2dd9574a114 (diff) | |
download | FreeBSD-src-533f13b8b27556700f86522a104894994e90f98b.zip FreeBSD-src-533f13b8b27556700f86522a104894994e90f98b.tar.gz |
Fix issues which allow snooping on ptys. [08:01]
Fix an off-by-one error in inet_network(3). [08:02]
Security: FreeBSD-SA-08:01.pty
Security: FreeBSD-SA-08:02.libc
Diffstat (limited to 'lib/libc/inet')
-rw-r--r-- | lib/libc/inet/inet_network.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/libc/inet/inet_network.c b/lib/libc/inet/inet_network.c index b464656..254db41 100644 --- a/lib/libc/inet/inet_network.c +++ b/lib/libc/inet/inet_network.c @@ -82,9 +82,9 @@ again: } if (!digit) return (INADDR_NONE); + if (pp >= parts + 4 || val > 0xffU) + return (INADDR_NONE); if (*cp == '.') { - if (pp >= parts + 4 || val > 0xffU) - return (INADDR_NONE); *pp++ = val, cp++; goto again; } |