[Bug 5210] New: httpd.c:parse_conf() does not understand IPv6 addressing in ACLs
bugzilla at busybox.net
bugzilla at busybox.net
Wed May 9 14:42:55 UTC 2012
https://bugs.busybox.net/show_bug.cgi?id=5210
Summary: httpd.c:parse_conf() does not understand IPv6
addressing in ACLs
Product: Busybox
Version: unspecified
Platform: All
OS/Version: All
Status: NEW
Severity: minor
Priority: P5
Component: Networking
AssignedTo: unassigned at busybox.net
ReportedBy: hume-ml+busybox at bofh.ca
CC: busybox-cvs at busybox.net
Estimated Hours: 0.0
httpd.c as written is unable to understand IPv6 addresses. It uses an unsigned
int to store the IP address (too small) and assumes that the first colon
encountered in the string actually marks a port specification. As a result all
ACL comparisons on a IPv6 connection will fail. (Which can lock you out of a
device if not careful...)
--
Configure bugmail: https://bugs.busybox.net/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the busybox-cvs
mailing list