diff options
author | Eric S. Raymond <esr@thyrsus.com> | 1997-09-03 15:45:21 +0000 |
---|---|---|
committer | Eric S. Raymond <esr@thyrsus.com> | 1997-09-03 15:45:21 +0000 |
commit | f84776266d1d232ecf11f1cf57900a7abe000b54 (patch) | |
tree | 40fc99b36699bf052b6820277fc397e135b52eba | |
parent | 3097034142b8a8b1d66b538cf8962d5affec962b (diff) | |
download | fetchmail-f84776266d1d232ecf11f1cf57900a7abe000b54.tar.gz fetchmail-f84776266d1d232ecf11f1cf57900a7abe000b54.tar.bz2 fetchmail-f84776266d1d232ecf11f1cf57900a7abe000b54.zip |
Prevent buffer spamming.
svn path=/trunk/; revision=1279
-rw-r--r-- | socket.c | 8 |
1 files changed, 7 insertions, 1 deletions
@@ -53,8 +53,14 @@ int SockOpen(char *host, int clientPort) else { hp = gethostbyname(host); - if (hp == NULL) + + /* + * Add a check to make sure the address has a valid IPv4 or IPv6 + * length. This prevents buffer spamming by a broken DNS. + */ + if (hp == NULL || (hp->h_length != 4 && hp->h_length != 8)) return -1; + memcpy(&ad.sin_addr, hp->h_addr, hp->h_length); } ad.sin_port = htons(clientPort); |