[tor-commits] [tor/master] scan-build: avoid undef behaior in tor_inet_pton

[nickm at torproject.org]

commit 685d450ab3823c578514ce6986d00c6e219abb43
Author: Nick Mathewson <nickm at torproject.org>
Date:   Sat Apr 19 13:07:30 2014 -0400

    scan-build: avoid undef behaior in tor_inet_pton
    
    If we had an address of the form "1.2.3.4" and we tried to pass it to
    tor_inet_pton with AF_INET6, it was possible for our 'eow' pointer to
    briefly move backwards to the point before the start of the string,
    before we moved it right back to the start of the string.  C doesn't
    allow that, and though we haven't yet hit a compiler that decided to
    nuke us in response, it's best to fix.
    
    So, be more explicit about requiring there to be a : before any IPv4
    address part of the IPv6 address.  We would have rejected addresses
    without a : for not being IPv6 later on anyway.
---
 src/common/compat.c  |    4 +++-
 src/test/test_addr.c |    3 +++
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/common/compat.c b/src/common/compat.c
index c5945fb..8d816b9 100644
--- a/src/common/compat.c
+++ b/src/common/compat.c
@@ -2195,8 +2195,10 @@ tor_inet_pton(int af, const char *src, void *dst)
     else {
       unsigned byte1,byte2,byte3,byte4;
       char more;
-      for (eow = dot-1; eow >= src && TOR_ISDIGIT(*eow); --eow)
+      for (eow = dot-1; eow > src && TOR_ISDIGIT(*eow); --eow)
         ;
+      if (*eow != ':')
+        return 0;
       ++eow;
 
       /* We use "scanf" because some platform inet_aton()s are too lax
diff --git a/src/test/test_addr.c b/src/test/test_addr.c
index cee2dcf..50011e6 100644
--- a/src/test/test_addr.c
+++ b/src/test/test_addr.c
@@ -346,6 +346,9 @@ test_addr_ip6_helpers(void)
   test_pton6_bad("a:::b:c");
   test_pton6_bad(":::a:b:c");
   test_pton6_bad("a:b:c:::");
+  test_pton6_bad("1.2.3.4");
+  test_pton6_bad(":1.2.3.4");
+  test_pton6_bad(".2.3.4");
 
   /* test internal checking */
   test_external_ip("fbff:ffff::2:7", 0);