status-im
/
miniupnp
mirror of https://github.com/status-im/miniupnp.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

miniupnpd/upnpredirect.c: check inet_aton() return

This commit is contained in:
Thomas Bernard 2014-12-09 10:53:52 +01:00
parent d00b75782e
commit 7c91c4e933
2 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
miniupnpd/Changelog.txt
View File

@ -2,6 +2,7 @@ $Id: Changelog.txt,v 1.391 2014/12/09 09:48:04 nanard Exp $
2014/12/09:
fix upnp_add_inboundpinhole() : check inet_pton() return
fix upnp_redirect() : check inet_aton() return
Credits goes to Stephen Röttger of the Google Security Team for identifying
the vulnerabilities

6
miniupnpd/upnpredirect.c
View File

@ -1,4 +1,4 @@
/* $Id: upnpredirect.c,v 1.82 2014/02/28 20:18:35 nanard Exp $ */
/* $Id: upnpredirect.c,v 1.85 2014/12/09 09:17:54 nanard Exp $ */
/* MiniUPnP project
* http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
* (c) 2006-2014 Thomas Bernard
@ -268,8 +268,8 @@ upnp_redirect(const char * rhost, unsigned short eport,
unsigned int timestamp;
proto = proto_atoi(protocol);
if(inet_aton(iaddr, &address) < 0) {
syslog(LOG_ERR, "inet_aton(%s) : %m", iaddr);
if(inet_aton(iaddr, &address) <= 0) {
syslog(LOG_ERR, "inet_aton(%s) FAILED", iaddr);
return -1;
}