diff options
| author | msweet <msweet@a1ca3aef-8c08-0410-bb20-df032aa958be> | 2015-11-13 20:01:52 +0000 |
|---|---|---|
| committer | msweet <msweet@a1ca3aef-8c08-0410-bb20-df032aa958be> | 2015-11-13 20:01:52 +0000 |
| commit | 044af446cd3000194adb9e52551098bdfb47bdc1 (patch) | |
| tree | 9fb5513ed6282c3e92971a61707420d4725bdd27 /cups/http-support.c | |
| parent | 28af862a1c19fb19b2813406ce12728a9f599cbb (diff) | |
Range check port numbers in URIs (<rdar://problem/23144461>)
git-svn-id: svn+ssh://src.apple.com/svn/cups/cups.org/trunk@12969 a1ca3aef-8c08-0410-bb20-df032aa958be
Diffstat (limited to 'cups/http-support.c')
| -rw-r--r-- | cups/http-support.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/cups/http-support.c b/cups/http-support.c index aae75e12d..b98468adb 100644 --- a/cups/http-support.c +++ b/cups/http-support.c @@ -1233,6 +1233,12 @@ httpSeparateURI( *port = (int)strtol(uri + 1, (char **)&uri, 10); + if (*port <= 0 || *port > 65535) + { + *port = 0; + return (HTTP_URI_STATUS_BAD_PORT); + } + if (*uri != '/' && *uri) { *port = 0; |