From 049aebd7eb798bca4e0fb3c0532328ad9d85cc7c Mon Sep 17 00:00:00 2001
From: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
Date: Mon, 2 May 2011 10:10:47 +0200
Subject: ether_aton: reject invalid input

fixes PR2227

Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
---
 libc/inet/ether_addr.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'libc/inet')

diff --git a/libc/inet/ether_addr.c b/libc/inet/ether_addr.c
index 621c62989..9071d71de 100644
--- a/libc/inet/ether_addr.c
+++ b/libc/inet/ether_addr.c
@@ -38,10 +38,12 @@ struct ether_addr *ether_aton_r(const char *asc, struct ether_addr *addr)
 
 	for (cnt = 0; cnt < 6; ++cnt) {
 		unsigned char number;
-		char ch;
+		char ch = *asc++;
 
+		if (ch < 0x20)
+			return NULL;
 		/* | 0x20 is cheap tolower(), valid for letters/numbers only */
-		ch = (*asc++) | 0x20;
+		ch |= 0x20;
 		if ((ch < '0' || ch > '9') && (ch < 'a' || ch > 'f'))
 			return NULL;
 		number = !(ch > '9') ? (ch - '0') : (ch - 'a' + 10);
-- 
cgit v1.2.3