[master] 4805408 Verify range of port numbers before using them
Kristian Lyngstøl
kristian at varnish-cache.org
Wed May 9 14:59:56 CEST 2012
commit 48054086d85a912723b59b44d686c4e4d104284e
Author: Kristian Lyngstol <kristian at bohemians.org>
Date: Wed May 9 14:59:23 2012 +0200
Verify range of port numbers before using them
Fixes #1035
diff --git a/bin/varnishtest/tests/r01035.vtc b/bin/varnishtest/tests/r01035.vtc
new file mode 100644
index 0000000..ccd6078
--- /dev/null
+++ b/bin/varnishtest/tests/r01035.vtc
@@ -0,0 +1,8 @@
+varnishtest "Test case for #1035"
+
+varnish v1 -arg "-a 127.0.0.1:80 -b localhost:8080"
+varnish v1 -cliok "param.set listen_address 127.0.0.1:80"
+varnish v1 -clierr 106 "param.set listen_address 127.0.0.1:65540"
+varnish v1 -clierr 106 "param.set listen_address 127.0.0.1:65536"
+varnish v1 -clierr 106 "param.set listen_address 127.0.0.1:-1"
+varnish v1 -cliok "param.set listen_address 127.0.0.1:65535"
diff --git a/lib/libvarnish/vss.c b/lib/libvarnish/vss.c
index 77b8f38..bc0597a 100644
--- a/lib/libvarnish/vss.c
+++ b/lib/libvarnish/vss.c
@@ -135,6 +135,7 @@ VSS_resolve(const char *addr, const char *port, struct vss_addr ***vap)
struct addrinfo hints, *res0, *res;
struct vss_addr **va;
int i, ret;
+ long int ptst;
char *adp, *hop;
*vap = NULL;
@@ -148,8 +149,12 @@ VSS_resolve(const char *addr, const char *port, struct vss_addr ***vap)
if (adp == NULL)
ret = getaddrinfo(addr, port, &hints, &res0);
- else
+ else {
+ ptst = strtol(adp,NULL,10);
+ if (ptst < 0 || ptst > 65535)
+ return(0);
ret = getaddrinfo(hop, adp, &hints, &res0);
+ }
free(hop);
free(adp);
More information about the varnish-commit
mailing list