From bef6ca3adb351946025a8fe332fccab0144c6809 Mon Sep 17 00:00:00 2001
From: Magnus Larsen <golgothasTerror101@gmail.com>
Date: Thu, 28 Nov 2024 02:42:39 -0800
Subject: [PATCH] Avoid truncating Win32 SOCKET to int

This is a soundness issue, as despite winsock usually returning
small values like 0x00000000000000C8, we have no guarantee that a
winsock SOCKET can be safely truncated to an int.
---
 natpmp.c | 6 ++++--
 natpmp.h | 6 +++++-
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/natpmp.c b/natpmp.c
index 0fa6fc2..6b8e432 100644
--- a/natpmp.c
+++ b/natpmp.c
@@ -73,12 +73,14 @@ NATPMP_LIBSPEC int initnatpmp(natpmp_t * p, int forcegw, in_addr_t forcedgw)
 		return NATPMP_ERR_INVALIDARGS;
 	memset(p, 0, sizeof(natpmp_t));
 	p->s = socket(PF_INET, SOCK_DGRAM, 0);
-	if(p->s < 0)
-		return NATPMP_ERR_SOCKETERROR;
 #ifdef _WIN32
+	if(p->s == INVALID_SOCKET)
+		return NATPMP_ERR_SOCKETERROR;
 	if(ioctlsocket(p->s, FIONBIO, &ioctlArg) == SOCKET_ERROR)
 		return NATPMP_ERR_FCNTLERROR;
 #else
+	if(p->s < 0)
+		return NATPMP_ERR_SOCKETERROR;
 	if((flags = fcntl(p->s, F_GETFL, 0)) < 0)
 		return NATPMP_ERR_FCNTLERROR;
 	if(fcntl(p->s, F_SETFL, flags | O_NONBLOCK) < 0)
diff --git a/natpmp.h b/natpmp.h
index 6e9f9e7..50d42b9 100644
--- a/natpmp.h
+++ b/natpmp.h
@@ -59,7 +59,11 @@ typedef unsigned short uint16_t;
 #endif
 
 typedef struct {
-	int s;	/* socket */
+#ifdef _WIN32
+	SOCKET s; /* socket */
+#else
+	int s; /* socket */
+#endif
 	in_addr_t gateway;	/* default gateway (IPv4) */
 	int has_pending_request;
 	unsigned char pending_request[12];