diff options
Diffstat (limited to 'lib/urlapi.c')
| -rw-r--r-- | lib/urlapi.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/urlapi.c b/lib/urlapi.c index 340dc33df..6483208ec 100644 --- a/lib/urlapi.c +++ b/lib/urlapi.c @@ -686,7 +686,11 @@ static bool ipv4_normalize(const char *hostname, char *outp, size_t olen) while(!done) { char *endp; - unsigned long l = strtoul(c, &endp, 0); + unsigned long l; + if((*c < '0') || (*c > '9')) + /* most importantly this doesn't allow a leading plus or minus */ + return FALSE; + l = strtoul(c, &endp, 0); /* overflow or nothing parsed at all */ if(((l == ULONG_MAX) && (errno == ERANGE)) || (endp == c)) |