@@ -298,12 +298,14 @@ static int wolfip_fd_alloc(int internal_fd, int nonblock)
298298 host_fcntl (pipefds [0 ], F_SETFL , O_NONBLOCK );
299299 host_fcntl (pipefds [1 ], F_SETFL , O_NONBLOCK );
300300 } else {
301- if (fcntl (pipefds [0 ], F_SETFD , FD_CLOEXEC ) < 0 ||
302- fcntl (pipefds [1 ], F_SETFD , FD_CLOEXEC ) < 0 ||
303- fcntl (pipefds [0 ], F_SETFL , O_NONBLOCK ) < 0 ||
304- fcntl (pipefds [1 ], F_SETFL , O_NONBLOCK ) < 0 ) {
305- /* Use host_close to avoid deadlock: close() is interposed and
306- * wolfip_fd_alloc may be called with wolfIP_mutex held. */
301+ /* Resolve the real libc fcntl via dlsym to avoid recursing into our
302+ * interposed fcntl(), which would deadlock on wolfIP_mutex. */
303+ int (* real_fcntl )(int , int , ...) = (int (* )(int , int , ...))dlsym (RTLD_NEXT , "fcntl" );
304+ if (!real_fcntl ||
305+ real_fcntl (pipefds [0 ], F_SETFD , FD_CLOEXEC ) < 0 ||
306+ real_fcntl (pipefds [1 ], F_SETFD , FD_CLOEXEC ) < 0 ||
307+ real_fcntl (pipefds [0 ], F_SETFL , O_NONBLOCK ) < 0 ||
308+ real_fcntl (pipefds [1 ], F_SETFL , O_NONBLOCK ) < 0 ) {
307309 if (host_close ) {
308310 host_close (pipefds [0 ]);
309311 host_close (pipefds [1 ]);
@@ -1649,15 +1651,18 @@ void *wolfIP_sock_posix_ip_loop(void *arg) {
16491651
16501652static int wolfip_validate_ipv4 (const char * s )
16511653{
1652- int parts = 0 , digits = 0 , val = 0 ;
1654+ int parts = 0 , digits = 0 ;
1655+ unsigned int val = 0 ;
16531656 if (!s || !* s )
16541657 return 0 ;
16551658 while (* s ) {
16561659 if (* s >= '0' && * s <= '9' ) {
1657- val = val * 10 + (* s - '0' );
1660+ digits ++ ;
1661+ if (digits > 3 )
1662+ return 0 ;
1663+ val = val * 10 + (unsigned int )(* s - '0' );
16581664 if (val > 255 )
16591665 return 0 ;
1660- digits ++ ;
16611666 } else if (* s == '.' ) {
16621667 if (digits == 0 )
16631668 return 0 ;
@@ -1764,13 +1769,15 @@ void __attribute__((constructor)) init_wolfip_posix() {
17641769 }
17651770 wolfIP_start_tcpdump ((tapdev && tapdev -> ifname [0 ]) ? tapdev -> ifname : "wtcp0" );
17661771#endif
1767- if (wolfip_validate_ipv4 (wolfip_ip_str ) && wolfip_validate_ipv4 (wolfip_mask_str ) &&
1768- wolfip_validate_ipv4 (host_stack_ip_str )) {
1769- wolfIP_ipconfig_set ( IPSTACK , atoip4 ( wolfip_ip_str ), atoip4 ( wolfip_mask_str ),
1770- atoip4 ( host_stack_ip_str )) ;
1771- } else {
1772- fprintf ( stderr , "Invalid IP configuration, using defaults\n" ) ;
1772+ if (! wolfip_validate_ipv4 (wolfip_ip_str ) || ! wolfip_validate_ipv4 (wolfip_mask_str ) ||
1773+ ! wolfip_validate_ipv4 (host_stack_ip_str )) {
1774+ fprintf ( stderr , "Invalid IP configuration, falling back to defaults\n" );
1775+ wolfip_ip_str = WOLFIP_IP ;
1776+ wolfip_mask_str = "255.255.255.0" ;
1777+ host_stack_ip_str = HOST_STACK_IP ;
17731778 }
1779+ wolfIP_ipconfig_set (IPSTACK , atoip4 (wolfip_ip_str ), atoip4 (wolfip_mask_str ),
1780+ atoip4 (host_stack_ip_str ));
17741781 pthread_mutex_unlock (& wolfIP_mutex );
17751782 fprintf (stderr , "IP: manually configured - %s\n" , wolfip_ip_str );
17761783 /* Avoid penalizing startup fairness across stacks: once init is done,
0 commit comments