This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH][BZ #15374] Make getent services compliant with RFC 6335 section 5.1

From: Florian Weimer <fweimer at redhat dot com>
To: OndÅej BÃlka <neleai at seznam dot cz>, libc-alpha at sourceware dot org
Date: Thu, 31 Oct 2013 14:09:54 +0100
Subject: Re: [PATCH][BZ #15374] Make getent services compliant with RFC 6335 section 5.1
Authentication-results: sourceware.org; auth=none
References: <20131020180745 dot GA18200 at domone dot podge>

On 10/20/2013 08:07 PM, OndÅej BÃlka wrote:

+      char *endptr;
+      long port = strtol (key[i], &endptr, 0);
+
+      if (*endptr == '\0')
+	serv = getservbyport (htons (port), proto);

This accepts leading "-" and "0x", which is not compliant with RFC 6335,either.

I'm not sure if the RFC is correct, a lot of software assumes that aleading digits in a service name indicates that it's a port number.


--
Florian Weimer / Red Hat Product Security Team

Follow-Ups:
- Re: [PATCH][BZ #15374] Make getent services compliant with RFC 6335 section 5.1
  - From: OndÅej BÃlka

References:
- [PATCH][BZ #15374] Make getent services compliant with RFC 6335 section 5.1
  - From: OndÅej BÃlka

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]