[nginx] Fixed overflow detection in ngx_inet_addr().

Valentin Bartenev vbart at nginx.com
Tue Apr 28 15:55:31 UTC 2015


details:   http://hg.nginx.org/nginx/rev/bc47a7a8159c
branches:  
changeset: 6138:bc47a7a8159c
user:      Valentin Bartenev <vbart at nginx.com>
date:      Tue Apr 28 18:55:03 2015 +0300
description:
Fixed overflow detection in ngx_inet_addr().

Overflow detection of the last octet might not work.

Reported by Sergey Polovko.

diffstat:

 src/core/ngx_inet.c |  10 +++++-----
 1 files changed, 5 insertions(+), 5 deletions(-)

diffs (24 lines):

diff -r 5d0c9405af71 -r bc47a7a8159c src/core/ngx_inet.c
--- a/src/core/ngx_inet.c	Tue Apr 28 18:54:48 2015 +0300
+++ b/src/core/ngx_inet.c	Tue Apr 28 18:55:03 2015 +0300
@@ -26,15 +26,15 @@ ngx_inet_addr(u_char *text, size_t len)
     n = 0;
 
     for (p = text; p < text + len; p++) {
-
-        if (octet > 255) {
-            return INADDR_NONE;
-        }
-
         c = *p;
 
         if (c >= '0' && c <= '9') {
             octet = octet * 10 + (c - '0');
+
+            if (octet > 255) {
+                return INADDR_NONE;
+            }
+
             continue;
         }
 



More information about the nginx-devel mailing list