reject integer overflow in NetIsIP4()

- better detect invalid input
synopse · Jun 14, 2023 · 798cf31 · 798cf31
1 parent a961292
commit 798cf31
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 5 deletions.
diff --git a/src/mormot.commit.inc b/src/mormot.commit.inc
@@ -1 +1 @@
-'2.1.5563'
+'2.1.5564'
diff --git a/src/net/mormot.net.sock.pas b/src/net/mormot.net.sock.pas
@@ -3942,16 +3942,14 @@ function NetIsIP4(text: PUtf8Char; value: PByte): boolean;
   while true do
     case text^ of
       #0 .. ' ':
-        if (b > 255) or
-           (b < 0) or
+        if (b < 0) or
            (n <> 3) then
           exit
         else
           break;
       '.':
         begin
-          if (b > 255) or
-             (b < 0) or
+          if (b < 0) or
              (n = 3) then
             exit;
           if value <> nil then
@@ -3971,7 +3969,11 @@ function NetIsIP4(text: PUtf8Char; value: PByte): boolean;
           if b < 0 then
             b := o
           else
+          begin
             b := b * 10 + o;
+            if b > 255 then
+              exit; // out-of-range number
+          end;
           inc(text);
         end
     else