From cabe9aa974aca34c0fda91028c770dee96ba51dc Mon Sep 17 00:00:00 2001 From: Rich Felker Date: Wed, 27 Nov 2013 00:54:03 -0500 Subject: [PATCH] reject invalid address families in getaddrinfo subsequent code assumes the address family requested is either unspecified or one of IPv4/IPv6, and could malfunction if this constraint is not met, so other address families should be explicitly rejected. --- src/network/getaddrinfo.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/network/getaddrinfo.c b/src/network/getaddrinfo.c index e58db6cf..5d45be74 100644 --- a/src/network/getaddrinfo.c +++ b/src/network/getaddrinfo.c @@ -62,6 +62,9 @@ int getaddrinfo(const char *restrict host, const char *restrict serv, const stru int result; int cnt; + if (family != AF_INET && family != AF_INET6 && family != AF_UNSPEC) + return EAI_FAMILY; + if (host && strlen(host)>255) return EAI_NONAME; if (serv && strlen(serv)>32) return EAI_SERVICE; -- 2.25.1