From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.0 required=5.0 tests=MAILING_LIST_MULTI,
	RCVD_IN_MSPIKE_H2 autolearn=ham autolearn_force=no version=3.4.4
Received: (qmail 1990 invoked from network); 26 Jan 2023 11:48:11 -0000
Received: from second.openwall.net (193.110.157.125)
  by inbox.vuxu.org with ESMTPUTF8; 26 Jan 2023 11:48:11 -0000
Received: (qmail 17560 invoked by uid 550); 26 Jan 2023 11:48:06 -0000
Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:musl@lists.openwall.com>
List-Help: <mailto:musl-help@lists.openwall.com>
List-Unsubscribe: <mailto:musl-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:musl-subscribe@lists.openwall.com>
List-ID: <musl.lists.openwall.com>
Reply-To: musl@lists.openwall.com
Received: (qmail 17522 invoked from network); 26 Jan 2023 11:48:05 -0000
DKIM-Filter: OpenDKIM Filter v2.11.0 mail.ispras.ru 680B144C100C
From: Alexey Izbyshev <izbyshev@ispras.ru>
To: musl@lists.openwall.com
Date: Thu, 26 Jan 2023 14:47:39 +0300
Message-Id: <20230126114739.205332-1-izbyshev@ispras.ru>
X-Mailer: git-send-email 2.39.1
MIME-Version: 1.0
Mail-Followup-To: musl@lists.openwall.com
Content-Transfer-Encoding: 8bit
Subject: [musl] [PATCH] inet_pton: fix uninitialized memory use for IPv4-mapped IPv6 addresses

When a dot is encountered, the loop counter is incremented before
exiting the loop, but the corresponding ip array element is left
uninitialized, so the subsequent memmove (if "::" was seen) and the loop
copying ip to the output buffer will operate on an uninitialized
uint16_t.

The uninitialized data never directly influences the control flow and
is overwritten on successful return by the second half of the parsed
IPv4 address. But it's better to fix this to avoid unexpected
transformations by a sufficiently smart compiler and reports from
UB-detection tools.
---
 src/network/inet_pton.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/network/inet_pton.c b/src/network/inet_pton.c
index d36c3689..bcbdd9ef 100644
--- a/src/network/inet_pton.c
+++ b/src/network/inet_pton.c
@@ -54,6 +54,7 @@ int inet_pton(int af, const char *restrict s, void *restrict a0)
 			if (s[j]!='.' || (i<6 && brk<0)) return 0;
 			need_v4=1;
 			i++;
+			ip[i&7]=0;
 			break;
 		}
 		s += j+1;
-- 
2.39.1