diff options
| author | Nick Mathewson <nickm@torproject.org> | 2009-02-09 03:12:02 +0000 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2009-02-09 03:12:02 +0000 |
| commit | 4c7a8841298cc2633fefa63730f591d4ddb4e015 (patch) | |
| tree | 19c1ab88abc484a66472a80693ce6f2044b01cd9 | |
| parent | 248805262d5634109a86a65e0465c5c299aa6b21 (diff) | |
| download | tor-4c7a8841298cc2633fefa63730f591d4ddb4e015.tar.gz tor-4c7a8841298cc2633fefa63730f591d4ddb4e015.zip | |
Backport r17887: stop accepting 1.2.3 as a valid IPv4 address. This has security implications.
svn:r18419
| -rw-r--r-- | ChangeLog | 2 | ||||
| -rw-r--r-- | src/common/compat.c | 30 | ||||
| -rw-r--r-- | src/or/eventdns.c | 15 |
3 files changed, 12 insertions, 35 deletions
@@ -10,6 +10,8 @@ Changes in version 0.2.0.34 - 2009-02-08 Patch from Matthias Drochner. - Don't consider expiring already-closed client connections. Fixes bug 893. Bugfix on 0.0.2pre20. + - Do not accept incomplete ipv4 addresses (like 192.168.0) as valid. + Spec conformance issue. Bugfix on Tor 0.0.2pre27. Changes in version 0.2.0.33 - 2009-01-21 diff --git a/src/common/compat.c b/src/common/compat.c index f903d1ffb6..d56815c571 100644 --- a/src/common/compat.c +++ b/src/common/compat.c @@ -115,12 +115,6 @@ const char compat_c_id[] = #include "strlcat.c" #endif -#ifndef INADDR_NONE -/* This is used by inet_addr, but apparently Solaris doesn't define it - * anyplace. */ -#define INADDR_NONE ((unsigned long) -1) -#endif - #ifdef HAVE_SYS_MMAN_H /** Implementation for tor_mmap_t: holds the regular tor_mmap_t, along * with extra fields needed for mmap()-based memory mapping. */ @@ -1169,24 +1163,18 @@ get_user_homedir(const char *username) * but works on Windows and Solaris.) */ int -tor_inet_aton(const char *c, struct in_addr* addr) +tor_inet_aton(const char *str, struct in_addr* addr) { -#ifdef HAVE_INET_ATON - return inet_aton(c, addr); -#else - uint32_t r; - tor_assert(c); - tor_assert(addr); - if (strcmp(c, "255.255.255.255") == 0) { - addr->s_addr = 0xFFFFFFFFu; - return 1; - } - r = inet_addr(c); - if (r == INADDR_NONE) + int a,b,c,d; + char more; + if (sscanf(str, "%d.%d.%d.%d%c", &a,&b,&c,&d,&more) != 4) return 0; - addr->s_addr = r; + if (a < 0 || a > 255) return 0; + if (b < 0 || b > 255) return 0; + if (c < 0 || c > 255) return 0; + if (d < 0 || d > 255) return 0; + addr->s_addr = htonl((a<<24) | (b<<16) | (c<<8) | d); return 1; -#endif } /** Given <b>af</b>==AF_INET and <b>src</b> a struct in_addr, or diff --git a/src/or/eventdns.c b/src/or/eventdns.c index 011ce4917c..55302c840f 100644 --- a/src/or/eventdns.c +++ b/src/or/eventdns.c @@ -357,20 +357,7 @@ error_is_eagain(int err) { return err == EAGAIN || err == WSAEWOULDBLOCK; } -static int -inet_aton(const char *c, struct in_addr *addr) -{ - uint32_t r; - if (strcmp(c, "255.255.255.255") == 0) { - addr->s_addr = 0xffffffffu; - } else { - r = inet_addr(c); - if (r == INADDR_NONE) - return 0; - addr->s_addr = r; - } - return 1; -} +#define inet_aton(c, addr) tor_inet_aton((c), (addr)) #define CLOSE_SOCKET(x) closesocket(x) #else #define last_error(sock) (errno) |