Created attachment 188913 [details] Test program for getaddrinfo() getaddrinfo() uses inet_aton(), which ignores trailing spaces after numerical IP addresses. This means that getaddrinfo() resolves the hostname "127.0.0.1 www.example.com" to the IP address 127.0.0.1. Please see the attached example program. This bug is also present in some other operating systems, please see https://github.com/curl/curl/pull/2073
Created attachment 188935 [details] Don't ignore trailing spaces after numerical IP addresses. How about the attached patch?
Good approach. I think the characters "x" and "X" should also be added to the list of allowed characters, because the IP parts may have a prefix of "0x" or "0X" (see the man page of inet_aton).
Created attachment 188957 [details] Don't ignore trailing spaces after numerical IP addresses (rev. 2). Sure. We need to allow the characters from 'a' to 'f' as well. The revised patch is attached.
You're right :-) Now the patch looks good!
A commit references this bug: Author: ume Date: Wed Dec 20 17:44:31 UTC 2017 New revision: 327029 URL: https://svnweb.freebsd.org/changeset/base/327029 Log: Don't ignore trailing spaces after numerical IP addresses. PR: 224403 Reported by: Michael Kaufmann Reviewed by: Michael Kaufmann MFC after: 1 week Changes: head/lib/libc/net/getaddrinfo.c
A commit references this bug: Author: ume Date: Wed Dec 27 14:50:08 UTC 2017 New revision: 327238 URL: https://svnweb.freebsd.org/changeset/base/327238 Log: MFC r327029: Don't ignore trailing spaces after numerical IP addresses. PR: 224403 Changes: _U stable/10/ stable/10/lib/libc/net/getaddrinfo.c _U stable/11/ stable/11/lib/libc/net/getaddrinfo.c
I've committed it into HEAD, stable/11 and stable/10. Thank you for your input.