Overflow detection in ngx_inet_addr().

commit: 166a3a13a497c7218d052a7fae4a9a5456268575 [log] [tgz]
author: Ruslan Ermilov <ru@nginx.com> Tue Mar 17 00:26:22 2015 +0300
committer: Ruslan Ermilov <ru@nginx.com> Tue Mar 17 00:26:22 2015 +0300
tree: 5d8cfe0008d517f5a37d9fe8834e0a395bf232a6
parent: 7523e71888d3f2b62e4752c8b7df7c554ae679f6 [diff]
diff --git a/src/core/ngx_inet.c b/src/core/ngx_inet.c
index 26c5bc4..2c84daf 100644
--- a/src/core/ngx_inet.c
+++ b/src/core/ngx_inet.c

@@ -27,6 +27,10 @@
 
     for (p = text; p < text + len; p++) {
 
+        if (octet > 255) {
+            return INADDR_NONE;
+        }
+
         c = *p;
 
         if (c >= '0' && c <= '9') {
@@ -34,7 +38,7 @@
             continue;
         }
 
-        if (c == '.' && octet < 256) {
+        if (c == '.') {
             addr = (addr << 8) + octet;
             octet = 0;
             n++;
@@ -44,7 +48,7 @@
         return INADDR_NONE;
     }
 
-    if (n == 3 && octet < 256) {
+    if (n == 3) {
         addr = (addr << 8) + octet;
         return htonl(addr);
     }
commit	166a3a13a497c7218d052a7fae4a9a5456268575	[log] [tgz]
author	Ruslan Ermilov <ru@nginx.com>	Tue Mar 17 00:26:22 2015 +0300
committer	Ruslan Ermilov <ru@nginx.com>	Tue Mar 17 00:26:22 2015 +0300
tree	5d8cfe0008d517f5a37d9fe8834e0a395bf232a6
parent	7523e71888d3f2b62e4752c8b7df7c554ae679f6 [diff]