Date: Wed, 8 Sep 1999 00:55:45 +0200 (CEST) From: xaa@xaa.iae.nl To: FreeBSD-gnats-submit@freebsd.org Subject: bin/13628: inet_aton accepts too much Message-ID: <19990907225545.0895F1F4F@ariel.xaa.iae.nl>
next in thread | raw e-mail | index | archive | help
>Number: 13628
>Category: bin
>Synopsis: inet_aton doesn't check valid addresses well enough
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Tue Sep 7 16:00:02 PDT 1999
>Closed-Date:
>Last-Modified:
>Originator: Mark Huizer
>Release: FreeBSD 4.0-CURRENT i386
>Organization:
>Environment:
4.0-current
>Description:
inet_aton should return 0 on invalid IP addresses.
1000.0.0.0 is an invalid address but inet_aton will kindly
return 1000*(1<<24) and 1 for a successful translation
>How-To-Repeat:
if (!inet_aton("1000.0.0.0",&sockaddress)) {
fprintf(stderr,"invalid address\n");
} else
fprintf(stderr,"valid address??\n");
>Fix:
check the parts more carefully.
haven't checked linux' code yet, but that correctly returns a 0
for invalid addresses
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990907225545.0895F1F4F>