| Summary: | ether_aton() accepts malformed input | ||
|---|---|---|---|
| Product: | uClibc | Reporter: | David Ramos <ramos> |
| Component: | Networking | Assignee: | unassigned |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | ramos, uclibc-cvs |
| Priority: | P5 | ||
| Version: | 0.9.31 | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Host: | Target: | ||
| Build: | |||
| Attachments: | testcase for ether_aton | ||
*bump* this bug is still unassigned after 9 months... (In reply to comment #1) > *bump* this bug is still unassigned after 9 months... thanks for the testsuite entry. This should be fixed by 049aebd7eb798bca4e0fb3c0532328ad9d85cc7c, please verify against current master. |
Created attachment 2245 [details] testcase for ether_aton As of 0.9.31, ether_aton() accepts malformed input by performing an unchecked OR \x20 as an efficient alternative to tolower(). For example, ASCII control character \x12 (malformed input) is treated by ether_aton as an ASCII '2' (\x32) character. It should instead return NULL to indicate the error. I've attached a testcase to illustrate the bug. Note that the behavior was correct in uClibc 0.9.30.3.