upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-02-22 09:20:51 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

Additional safety check for negative array index

Browse source 
inet_ntop result should always protect against empty string accepted
without an error. Make additional check to satisfy coverity scans.

(cherry picked from commit 656a0f076f)
This commit is contained in:
Petr Menšík 2022-01-19 17:05:00 +01:00 committed by Mark Andrews
parent 2cdebaf702
commit 02f80b4c75
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
lib/dns/rdata.c
View file

@ -1892,9 +1892,9 @@ inet_totext(int af, uint32_t flags, isc_region_t *src, isc_buffer_t *target) {
* parsing, so append 0 in that case.
*/
if (af == AF_INET6 && (flags & DNS_STYLEFLAG_YAML) != 0) {
isc_textregion_t tr;
isc_buffer_usedregion(target, (isc_region_t *)&tr);
if (tr.base[tr.length - 1] == ':') {
isc_region_t r;
isc_buffer_usedregion(target, &r);
if (r.length > 0 && r.base[r.length - 1] == ':') {
if (isc_buffer_availablelength(target) == 0) {
return (ISC_R_NOSPACE);
}