unix: socket.getaddrinfo: Port is unsigned value.
Treating it as signed lead to buffer overflow for ports >= 32768.
This commit is contained in:
parent
cf814b2d34
commit
115afdb07d
|
@ -367,9 +367,9 @@ STATIC mp_obj_t mod_socket_getaddrinfo(mp_uint_t n_args, const mp_obj_t *args) {
|
|||
// getaddrinfo accepts port in string notation, so however
|
||||
// it may seem stupid, we need to convert int to str
|
||||
if (MP_OBJ_IS_SMALL_INT(args[1])) {
|
||||
int port = (short)MP_OBJ_SMALL_INT_VALUE(args[1]);
|
||||
unsigned port = (unsigned short)MP_OBJ_SMALL_INT_VALUE(args[1]);
|
||||
char buf[6];
|
||||
sprintf(buf, "%d", port);
|
||||
sprintf(buf, "%u", port);
|
||||
serv = buf;
|
||||
hints.ai_flags = AI_NUMERICSERV;
|
||||
#ifdef __UCLIBC_MAJOR__
|
||||
|
|
Loading…
Reference in New Issue