2305. [security] inet_network() buffer overflow. CVE-2008-0122.

2026-05-28 04:34:54 -04:00 · 2008-01-16 05:15:36 +00:00 · 2008-01-16 05:15:36 +00:00 · 8bc3fe510b
commit 8bc3fe510b
parent a7637b7db7
2 changed files with 3 additions and 2 deletions
--- a/1
+++ b/1
@ -1,3 +1,4 @@
+2305.	[security]	inet_network() buffer overflow. CVE-2008-0122.

 	--- 9.2.9 released ---

--- a/lib/bind/inet/inet_network.c
+++ b/lib/bind/inet/inet_network.c
@ -84,9 +84,9 @@ again:
 	}
 	if (!digit)
 		return (INADDR_NONE);
+	if (pp >= parts + 4 || val > 0xffU)
+		return (INADDR_NONE);
 	if (*cp == '.') {
-		if (pp >= parts + 4 || val > 0xffU)
-			return (INADDR_NONE);
 		*pp++ = val, cp++;
 		goto again;
 	}