upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-03-10 10:11:39 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Prevent overflow of size

Browse source 
If size overflows we will have an infinite loop.  In practice
this will not happen unless we have made a coding error.  Add
an INSIST to detect this condition.

    181        while (!done) {
    182                isc_buffer_allocate(mctx, &b, size);
    183                result = dns_rdata_totext(rdata, NULL, b);
    184                if (result == ISC_R_SUCCESS) {
    185                        printf("%.*s\n", (int)isc_buffer_usedlength(b),
    186                               (char *)isc_buffer_base(b));
    187                        done = true;
    188                } else if (result != ISC_R_NOSPACE) {
    189                        check_result(result, "dns_rdata_totext");
    190                }
    191                isc_buffer_free(&b);

    CID 498025: (#1 of 1): Overflowed constant (INTEGER_OVERFLOW)
    overflow_const: Expression size, which is equal to 0, overflows the type that
    receives it, an unsigned integer 32 bits wide.
    192                size *= 2;
    193        }
This commit is contained in:
Mark Andrews 2024-07-09 11:59:39 +10:00
parent 7838ca3f67
commit e7ef0a60ab
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
bin/dig/nslookup.c
View file

@ -189,6 +189,7 @@ printrdata(dns_rdata_t *rdata) {
check_result(result, "dns_rdata_totext");
}
isc_buffer_free(&b);
INSIST(size <= (UINT_MAX / 2));
size *= 2;
}
}