From f95ca36cde8cbbf90860d7b5403e3efb69f8b0f7 Mon Sep 17 00:00:00 2001
From: bradh352 <brad@brad-house.com>
Date: Sat, 18 Mar 2023 19:16:55 -0400
Subject: [PATCH] ares_getaddrinfo using service of "0" should be allowed

As per #517 glibc allows a service/servname of "0" to be treated the
same as if NULL was provided.  Also, add a sanity check to ensure
the port number is in range instead of a blind cast.

Fixes: #517
Fix By: Brad House (@bradh352)
---
 src/lib/ares_getaddrinfo.c | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/src/lib/ares_getaddrinfo.c b/src/lib/ares_getaddrinfo.c
index 1c414987..cb494242 100644
--- a/src/lib/ares_getaddrinfo.c
+++ b/src/lib/ares_getaddrinfo.c
@@ -670,26 +670,32 @@ void ares_getaddrinfo(ares_channel channel,
     {
       if (hints->ai_flags & ARES_AI_NUMERICSERV)
         {
-          port = (unsigned short)strtoul(service, NULL, 0);
-          if (!port)
+          unsigned long val;
+          errno = 0;
+          val = strtoul(service, NULL, 0);
+          if ((val == 0 && errno != 0) || val > 65535)
             {
               ares_free(alias_name);
               callback(arg, ARES_ESERVICE, 0, NULL);
               return;
             }
+          port = (unsigned short)val;
         }
       else
         {
           port = lookup_service(service, 0);
           if (!port)
             {
-              port = (unsigned short)strtoul(service, NULL, 0);
-              if (!port)
+              unsigned long val;
+              errno = 0;
+              val = strtoul(service, NULL, 0);
+              if ((val == 0 && errno != 0) || val > 65535)
                 {
                   ares_free(alias_name);
                   callback(arg, ARES_ESERVICE, 0, NULL);
                   return;
                 }
+              port = (unsigned short)val;
             }
         }
     }