From 9176d09512f99412bc4fec47a66139ca6560a47a Mon Sep 17 00:00:00 2001
From: Ian Jackson <ijackson@chiark.greenend.org.uk>
Date: Wed, 23 Nov 2016 17:08:26 +0000
Subject: [PATCH] setup.c: Do not make wild pointer access if resolv.conf
 prefix length insane

(Found by AFL.)

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
---
 src/setup.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/setup.c b/src/setup.c
index 54b93a8..f1c7dfe 100644
--- a/src/setup.c
+++ b/src/setup.c
@@ -228,11 +228,12 @@ static void ccf_sortlist(adns_state ads, const char *fn,
 	}
       } else {
 	maskwhat = "prefix length";
-	initial= strtoul(slash,&ep,10);
-	if (*ep || initial>adns__addr_width(sl->base.sa.sa_family)) {
+	unsigned long prefixlen = strtoul(slash,&ep,10);
+	if (*ep || prefixlen>adns__addr_width(sl->base.sa.sa_family)) {
 	  configparseerr(ads,fn,lno,"mask length `%s' invalid",slash);
 	  continue;
 	}
+	initial= prefixlen;
 	sl->mask.sa.sa_family= sl->base.sa.sa_family;
 	adns__prefix_mask(&sl->mask, initial);
       }
-- 
2.30.2