aniani/irssi
1
0
Fork 0
mirror of https://github.com/irssi/irssi.git synced 2024-10-27 05:20:20 -04:00
Code

Set host to an empty string on error

Browse Source 
While investigating #317, I noticed that it was possible we would access
an uninitialized buffer due to failing to check the return value of
net_ip2host(). This is done in several places. To make such uses safe,
set the host buffer to an empty string on error. It is possible callers
could be improved by handling the error in each spot, but this gives us
some safety.
This commit is contained in:
Will Storey 2017-10-09 12:50:04 -07:00
parent 016fd34436
commit 4ccff71f67
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/core/network.c
View File

@ -489,7 +489,16 @@ int net_gethostbyaddr(IPADDR *ip, char **name)
int net_ip2host(IPADDR *ip, char *host) int net_ip2host(IPADDR *ip, char *host)
{ {
return inet_ntop(ip->family, &ip->ip, host, MAX_IP_LEN) ? 0 : -1; if (inet_ntop(ip->family, &ip->ip, host, MAX_IP_LEN)) {
return 0;
}
// For callers that do not check our return value and pass in an
// uninitialized buffer assuming it will be set, ensure the buffer is a valid
// string. Ideally callers should check what we return and handle
// appropriately, but this at least gives us safety.
host[0] = '\0';
return -1;
} }
int net_host2ip(const char *host, IPADDR *ip) int net_host2ip(const char *host, IPADDR *ip)