2305. [security] inet_network() buffer overflow. CVE-2008-0122.

author Mark Andrews <marka@isc.org>

Wed, 16 Jan 2008 05:15:36 +0000 (05:15 +0000)

committer Mark Andrews <marka@isc.org>

Wed, 16 Jan 2008 05:15:36 +0000 (05:15 +0000)
author Mark Andrews <marka@isc.org>
Wed, 16 Jan 2008 05:15:36 +0000 (05:15 +0000)
committer Mark Andrews <marka@isc.org>
Wed, 16 Jan 2008 05:15:36 +0000 (05:15 +0000)
diff --git a/CHANGES b/CHANGES

index f0d5e7fed23335417c88eaef356a1803168a9f33..f72f4112f62931c897238fd45ae2ee08247c2411 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,4 @@
+2305.  [security]      inet_network() buffer overflow. CVE-2008-0122.
  
         --- 9.2.9 released ---
  
diff --git a/lib/bind/inet/inet_network.c b/lib/bind/inet/inet_network.c

index aaa50c8315781fee81c61246f4e8b0da5af7557f..2f40949e28155099944139f0f88ceb765fe414df 100644 (file)
--- a/lib/bind/inet/inet_network.c
+++ b/lib/bind/inet/inet_network.c
@@ -84,9 +84,9 @@ again:
         }
         if (!digit)
                 return (INADDR_NONE);
+       if (pp >= parts + 4 || val > 0xffU)
+               return (INADDR_NONE);
         if (*cp == '.') {
-               if (pp >= parts + 4 || val > 0xffU)
-                       return (INADDR_NONE);
                 *pp++ = val, cp++;
                 goto again;
         }
author	Mark Andrews <marka@isc.org>
	Wed, 16 Jan 2008 05:15:36 +0000 (05:15 +0000)
committer	Mark Andrews <marka@isc.org>
	Wed, 16 Jan 2008 05:15:36 +0000 (05:15 +0000)
CHANGES		patch \| blob \| blame \| history
lib/bind/inet/inet_network.c		patch \| blob \| blame \| history