This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[Bug network/20018] New: inet_addr and inet_aton should reject trailing garbage

From: "fweimer at redhat dot com" <sourceware-bugzilla at sourceware dot org>
To: glibc-bugs at sourceware dot org
Date: Thu, 28 Apr 2016 12:54:59 +0000
Subject: [Bug network/20018] New: inet_addr and inet_aton should reject trailing garbage
Auto-submitted: auto-generated

https://sourceware.org/bugzilla/show_bug.cgi?id=20018

            Bug ID: 20018
           Summary: inet_addr and inet_aton should reject trailing garbage
           Product: glibc
           Version: unspecified
            Status: NEW
          Severity: normal
          Priority: P2
         Component: network
          Assignee: unassigned at sourceware dot org
          Reporter: fweimer at redhat dot com
  Target Milestone: ---
             Flags: security+

For historic reasons, inet_addr and inet_aton accept trailing garbage.  Some
parsers rely on this (for example, libresolv when it parses ânameserverâ
directives in /etc/resolv.conf).

This causes problems because some applications assume that a successful parse
as an IPv4 address means that the string consists of just an IPv4 address, and
nothing more:

  https://bugzilla.redhat.com/show_bug.cgi?id=1303699#c3

We should add a check for trailing garbage and relegate the old behavior to a
compatibility symbol.

For backporting, we should just fix getaddrinfo (and related functions if
necessary) so that they will not accept trailing garbage.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]