aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2014-04-19 13:07:30 -0400
committerNick Mathewson <nickm@torproject.org>2014-04-19 13:14:33 -0400
commit685d450ab3823c578514ce6986d00c6e219abb43 (patch)
treec77c498342ce2e81553f03eb25b587f1613bcc5f
parent78f555a2480b03911e602c2c041a10fd010804b9 (diff)
downloadtor-685d450ab3823c578514ce6986d00c6e219abb43.tar.gz
tor-685d450ab3823c578514ce6986d00c6e219abb43.zip
scan-build: avoid undef behaior in tor_inet_pton
If we had an address of the form "1.2.3.4" and we tried to pass it to tor_inet_pton with AF_INET6, it was possible for our 'eow' pointer to briefly move backwards to the point before the start of the string, before we moved it right back to the start of the string. C doesn't allow that, and though we haven't yet hit a compiler that decided to nuke us in response, it's best to fix. So, be more explicit about requiring there to be a : before any IPv4 address part of the IPv6 address. We would have rejected addresses without a : for not being IPv6 later on anyway.
-rw-r--r--src/common/compat.c4
-rw-r--r--src/test/test_addr.c3
2 files changed, 6 insertions, 1 deletions
diff --git a/src/common/compat.c b/src/common/compat.c
index c5945fbd22..8d816b90e7 100644
--- a/src/common/compat.c
+++ b/src/common/compat.c
@@ -2195,8 +2195,10 @@ tor_inet_pton(int af, const char *src, void *dst)
else {
unsigned byte1,byte2,byte3,byte4;
char more;
- for (eow = dot-1; eow >= src && TOR_ISDIGIT(*eow); --eow)
+ for (eow = dot-1; eow > src && TOR_ISDIGIT(*eow); --eow)
;
+ if (*eow != ':')
+ return 0;
++eow;
/* We use "scanf" because some platform inet_aton()s are too lax
diff --git a/src/test/test_addr.c b/src/test/test_addr.c
index cee2dcf2a0..50011e606b 100644
--- a/src/test/test_addr.c
+++ b/src/test/test_addr.c
@@ -346,6 +346,9 @@ test_addr_ip6_helpers(void)
test_pton6_bad("a:::b:c");
test_pton6_bad(":::a:b:c");
test_pton6_bad("a:b:c:::");
+ test_pton6_bad("1.2.3.4");
+ test_pton6_bad(":1.2.3.4");
+ test_pton6_bad(".2.3.4");
/* test internal checking */
test_external_ip("fbff:ffff::2:7", 0);