From 71f5365b3e897c37e8098225ab167564fff08420 Mon Sep 17 00:00:00 2001 From: Alaric Senat Date: Thu, 9 Jun 2022 15:19:23 +0200 Subject: [PATCH] miniserver: Don't initialize sockets for invalid IPs `init_socket_stuff` was ignoring `inet_pton`'s return value causing invalid IPs being seen as valid which caused bad calls to `bind` and `listen` further in the code path. Invalid `bind`s were frequents for interfaces providing only one IP protocol version (IPv4 or v6). In those cases, `gIF_IPV4` or `gIF_IPV4` were left to their default values (an empty string) causing `inet_pton` to fail silently without aborting the socket opening and binding... Refs #195 (cherry picked from commit 447de4e5efdbbd8c1d51cf9ba7207d4e5310e901) --- upnp/src/genlib/miniserver/miniserver.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/upnp/src/genlib/miniserver/miniserver.c b/upnp/src/genlib/miniserver/miniserver.c index 80d2877f..8b228a0d 100644 --- a/upnp/src/genlib/miniserver/miniserver.c +++ b/upnp/src/genlib/miniserver/miniserver.c @@ -764,7 +764,10 @@ static int init_socket_suff( goto error; break; } - inet_pton(domain, text_addr, addr); + + if (inet_pton(domain, text_addr, addr) <= 0) + goto error; + s->fd = socket(domain, SOCK_STREAM, 0); if (s->fd == INVALID_SOCKET) { strerror_r(errno, errorBuffer, ERROR_BUFFER_LEN);