From 4496ef91b58bf8895ea04d0aef30a76b44263d6f Mon Sep 17 00:00:00 2001
From: Simon McVittie
Date: Fri, 2 Dec 2016 10:13:00 +0000
Subject: [PATCH] g_hostname_is_ip_address: detect integer overflow

Signed integer overflow is undefined behaviour, which the undefined behaviour sanitizer detects. Previously, if the compiler had implemented this in the obvious way (overflowing signed multiplication wraps around mod 2**32), we would have incorrectly classified addresses where one octet was, for example, (2**32 + 42) as valid IP addresses, by treating that octet as though it was 42.

Signed-off-by: Simon McVittie
Bug: https://bugzilla.gnome.org/show_bug.cgi?id=775510
Reviewed-by: Colin Walters
---
 glib/ghostutils.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/glib/ghostutils.c b/glib/ghostutils.c
index 79e951446..4be59f7ee 100644
--- a/glib/ghostutils.c
+++ b/glib/ghostutils.c
@@ -785,7 +785,12 @@ g_hostname_is_ip_address (const gchar *hostname)
 else
 {
 for (end = p; g_ascii_isdigit (*end); end++)
- octet = 10 * octet + (*end - '0');
+ {
+ octet = 10 * octet + (*end - '0');
+
+ if (octet > 255)
+ break;
+ }
 }
 if (end == p || end > p + 3 || octet > 255)
 return FALSE;
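Review bot: The new `if (octet > 255) break;` inside the digit loop carries no comment, so nothing in the code says that it bounds `octet` before the next `10 * octet` and that the rejection itself still happens in the `octet > 255` test on the following `if (end == p || ...)` line. I would put `/* Stop once the octet is out of range so 10 * octet can never overflow; the check after the loop rejects the address. */` above the inner `if`, otherwise a later cleanup could drop one of the two checks as redundant. The diffstat shows only glib/ghostutils.c changing, so no regression test accompanies the fix; a hostname test asserting that an address whose last octet is the commit message's 2**32 + 42 value is not classified as an IP address would pin the behaviour. The declaration of `octet` and the rest of g_hostname_is_ip_address lie outside the hunk, so its exact type is inferred from the commit message.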