[ These came up in an internal code review at work ]
In the routine Socket::PortNameToNumber, there's a chunk of code that
looks like:
int port = atoi(name)
if ( IntoToString(port) == name ))
return port;
This code will accept invalid socket numbers such as -1 and 75000.
Adding a check to ensure that port is in the range 0 ... 65535 would
solve this problem.
--
-- Marshall
Marshall Clow Idio Software <mailto:[email protected]>
It is by caffeine alone I set my mind in motion.
It is by the beans of Java that thoughts acquire speed,
the hands acquire shaking, the shaking becomes a warning.
It is by caffeine alone I set my mind in motion.
--
You received this message because you are subscribed to the "Crypto++ Users"
Google Group.
To unsubscribe, send an email to [email protected].
More information about Crypto++ and this group is available at
http://www.cryptopp.com.
