Overflow detection in ngx_inet_addr().
diff --git a/src/core/ngx_inet.c b/src/core/ngx_inet.c
index 26c5bc4..2c84daf 100644
--- a/src/core/ngx_inet.c
+++ b/src/core/ngx_inet.c
@@ -27,6 +27,10 @@
for (p = text; p < text + len; p++) {
+ if (octet > 255) {
+ return INADDR_NONE;
+ }
+
c = *p;
if (c >= '0' && c <= '9') {
@@ -34,7 +38,7 @@
continue;
}
- if (c == '.' && octet < 256) {
+ if (c == '.') {
addr = (addr << 8) + octet;
octet = 0;
n++;
@@ -44,7 +48,7 @@
return INADDR_NONE;
}
- if (n == 3 && octet < 256) {
+ if (n == 3) {
addr = (addr << 8) + octet;
return htonl(addr);
}