[klibc] inet: Stricter IPv6 field parsing in inet_pton()HEAD master

We currently don't range-check the fields of an IPv6 address, so the following strings are wrongly accepted: "10000::" "::10000" Since we currently only support hexadecimal fields, implement the range check by limiting the number of digits to 4. Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
author: Ben Hutchings <ben@decadent.org.uk> 2024-03-21 23:12:47 +0100
committer: Ben Hutchings <ben@decadent.org.uk> 2024-03-21 23:30:45 +0100
commit: 7359f104c202a6e36212324cdd5aba7964737e9d (patch)
tree: 45a2bfe7126eb6c4e871832dc1e886c1cd3a23e5
parent: d539458148cb998600b4596227cd52eb1ca930da (diff)
1 files changed, 4 insertions, 2 deletions
diff --git a/usr/klibc/inet/inet_pton.c b/usr/klibc/inet/inet_pton.c
index a319506abd390..19706ce03646b 100644
--- a/usr/klibc/inet/inet_pton.c
+++ b/usr/klibc/inet/inet_pton.c
@@ -32,7 +32,7 @@ int inet_pton(int af, const char *src, void *dst)
 	case AF_INET6:
 		{
 			struct in6_addr *d = (struct in6_addr *)dst;
-			int colons = 0, dcolons = 0;
+			int colons = 0, dcolons = 0, digits = 0;
 			int i;
 			const char *p;
 
@@ -43,7 +43,9 @@ int inet_pton(int af, const char *src, void *dst)
 					colons++;
 					if (p[1] == ':')
 						dcolons++;
-				} else if (!isxdigit((unsigned char)*p))
+					digits = 0;
+				} else if (!isxdigit((unsigned char)*p)
+					   || ++digits > 4)
 					return 0;	/* Invalid address */
 			}
author	Ben Hutchings <ben@decadent.org.uk>	2024-03-21 23:12:47 +0100
committer	Ben Hutchings <ben@decadent.org.uk>	2024-03-21 23:30:45 +0100
commit	7359f104c202a6e36212324cdd5aba7964737e9d (patch)
tree	45a2bfe7126eb6c4e871832dc1e886c1cd3a23e5
parent	d539458148cb998600b4596227cd52eb1ca930da (diff)