summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorEric Faurot <eric@cvs.openbsd.org>2014-05-13 11:57:36 +0000
committerEric Faurot <eric@cvs.openbsd.org>2014-05-13 11:57:36 +0000
commit2e532871f2d07daea69335c00b771a2d80e0cb6d (patch)
tree503cf038e4897ee5b92cfefe760a95584defd365
parentf5050d84f7cb739d2246f9d57d87e2ef762ea79e (diff)
skip incomplete entries in /etc/hosts and /etc/networks
fix null deref spotted by Seth Hanford, pinpointed by dtucker@ ok florian@
Diffstat
-rw-r--r--lib/libc/asr/gethostnamadr_async.c6
-rw-r--r--lib/libc/asr/getnetnamadr_async.c6
2 files changed, 10 insertions, 2 deletions
diff --git a/lib/libc/asr/gethostnamadr_async.c b/lib/libc/asr/gethostnamadr_async.c
index 674bcb476a9..f94d4109a3d 100644
--- a/lib/libc/asr/gethostnamadr_async.c
+++ b/lib/libc/asr/gethostnamadr_async.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: gethostnamadr_async.c,v 1.28 2014/03/26 18:13:15 eric Exp $ */
+/* $OpenBSD: gethostnamadr_async.c,v 1.29 2014/05/13 11:57:35 eric Exp $ */
/*
* Copyright (c) 2012 Eric Faurot <eric@openbsd.org>
*
@@ -432,6 +432,10 @@ hostent_file_match(FILE *f, int reqtype, int family, const char *data,
return (NULL);
}
+ /* there must be an address and at least one name */
+ if (n < 2)
+ continue;
+
if (reqtype == ASR_GETHOSTBYNAME) {
for (i = 1; i < n; i++) {
if (strcasecmp(data, tokens[i]))
diff --git a/lib/libc/asr/getnetnamadr_async.c b/lib/libc/asr/getnetnamadr_async.c
index ce3e8cf0526..f030ca92997 100644
--- a/lib/libc/asr/getnetnamadr_async.c
+++ b/lib/libc/asr/getnetnamadr_async.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: getnetnamadr_async.c,v 1.14 2014/03/26 18:13:15 eric Exp $ */
+/* $OpenBSD: getnetnamadr_async.c,v 1.15 2014/05/13 11:57:35 eric Exp $ */
/*
* Copyright (c) 2012 Eric Faurot <eric@openbsd.org>
*
@@ -287,6 +287,10 @@ netent_file_match(FILE *f, int reqtype, const char *data)
return (NULL);
}
+ /* there must be an address and at least one name */
+ if (n < 2)
+ continue;
+
if (reqtype == ASR_GETNETBYADDR) {
net = inet_network(tokens[1]);
if (memcmp(&net, data, sizeof net) == 0)
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-30 12:01:33 +0000