bind9/lib/dns
Mark Andrews f0fdca90f2 Silence tainted scalar on rdlen
2042        ttl = isc_buffer_getuint32(&j->it.source);
    	    13. tainted_data_transitive: Call to function isc_buffer_getuint16 with tainted argument *j->it.source.base returns tainted data. [show details]
    	    14. var_assign: Assigning: rdlen = isc_buffer_getuint16(&j->it.source), which taints rdlen.
    2043        rdlen = isc_buffer_getuint16(&j->it.source);
    2044
    2045        /*
    2046         * Parse the rdata.
    2047         */
    	    15. Condition j->it.source.used - j->it.source.current != rdlen, taking false branch.
    2048        if (isc_buffer_remaininglength(&j->it.source) != rdlen) {
    2049                FAIL(DNS_R_FORMERR);
    2050        }
    	    16. var_assign_var: Assigning: j->it.source.active = j->it.source.current + rdlen. Both are now tainted.
    2051        isc_buffer_setactive(&j->it.source, rdlen);
    2052        dns_rdata_reset(&j->it.rdata);
    	    17. lower_bounds: Checking lower bounds of unsigned scalar j->it.source.active by taking the true branch of j->it.source.active > j->it.source.current.

    CID 316506 (#1 of 1): Untrusted loop bound (TAINTED_SCALAR)
    18. tainted_data: Passing tainted expression j->it.source.active to dns_rdata_fromwire, which uses it as a loop boundary. [show details]
    	    Ensure that tainted values are properly sanitized, by checking that their values are within a permissible range.
    2053        CHECK(dns_rdata_fromwire(&j->it.rdata, rdclass, rdtype, &j->it.source,
    2054                                 &j->it.dctx, 0, &j->it.target));
2021-07-12 00:22:07 +00:00
..
include Remove error checks in dns_message for mem allocations 2021-07-09 15:58:02 +02:00
rdata Handle placeholder KEYDATA record 2021-07-01 14:34:28 +10:00
tests Clean up the dns_dispatch_getudp API 2021-07-09 15:58:02 +02:00
.gitignore 4394. [func] Add rndc command "dnstap-reopen" to close and 2016-06-24 09:37:04 +10:00
acl.c Reduce the number of clientmgr objects created 2021-05-24 20:44:54 +02:00
adb.c Properly disable the "water" in isc_mem 2021-07-09 15:58:02 +02:00
badcache.c The isc/platform.h header has been completely removed 2021-07-06 05:33:48 +00:00
byaddr.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
cache.c Properly disable the "water" in isc_mem 2021-07-09 15:58:02 +02:00
callbacks.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
catz.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
client.c Clean up the dns_dispatch_getudp API 2021-07-09 15:58:02 +02:00
clientinfo.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
compress.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
db.c Cleanup redundant isc_rwlock_init() result checks 2021-02-03 12:22:33 +11:00
dbiterator.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
diff.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
dispatch.c Clean up the dns_dispatch_getudp API 2021-07-09 15:58:02 +02:00
dlz.c Cleanup redundant isc_rwlock_init() result checks 2021-02-03 12:22:33 +11:00
dns64.c add dns_dns64_findprefix 2020-11-25 08:25:29 +11:00
dnsrps.c rename dns_name_copynf() to dns_name_copy() 2021-05-22 00:37:27 -07:00
dnssec.c Remove LIB<*>_EXTERNAL_DATA defines 2021-07-06 05:33:48 +00:00
dnstap.c Address theoretical resource leak in dns_dt_open() 2021-02-22 12:22:31 +11:00
dnstap.proto fix spelling errors reported by Fossies. 2020-02-21 15:05:08 +11:00
ds.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
dst_api.c The isc/platform.h header has been completely removed 2021-07-06 05:33:48 +00:00
dst_internal.h Protect dst key metadata with lock 2021-06-30 17:28:49 +02:00
dst_openssl.h update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
dst_parse.c Add key metadata for DS published/withdrawn 2021-06-30 17:28:48 +02:00
dst_parse.h update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
dst_pkcs11.h update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
dst_result.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
dyndb.c Use libuv's shared library handling capabilities 2020-10-28 15:48:58 +01:00
ecs.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
fixedname.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
forward.c Cleanup redundant isc_rwlock_init() result checks 2021-02-03 12:22:33 +11:00
gen.c Completely remove BIND 9 Windows support 2021-06-09 14:35:14 +02:00
gen.h Completely remove BIND 9 Windows support 2021-06-09 14:35:14 +02:00
geoip2.c Completely remove BIND 9 Windows support 2021-06-09 14:35:14 +02:00
gssapi_link.c Stop including gssapi.h from dst/gssapi.h header 2021-02-16 01:04:46 +00:00
gssapictx.c The isc/platform.h header has been completely removed 2021-07-06 05:33:48 +00:00
hmac_link.c Completely remove BIND 9 Windows support 2021-06-09 14:35:14 +02:00
ipkeylist.c implement xfrin via XoT 2021-01-29 12:07:38 +01:00
iptable.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
journal.c Silence tainted scalar on rdlen 2021-07-12 00:22:07 +00:00
kasp.c Add purge-keys config option 2021-02-23 09:16:48 +01:00
key.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
keydata.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
keymgr.c Add checkds log notice 2021-06-30 17:28:48 +02:00
keytable.c Cleanup redundant isc_rwlock_init() result checks 2021-02-03 12:22:33 +11:00
lib.c Remove LIB<*>_EXTERNAL_DATA defines 2021-07-06 05:33:48 +00:00
log.c Remove LIB<*>_EXTERNAL_DATA defines 2021-07-06 05:33:48 +00:00
lookup.c rename dns_name_copynf() to dns_name_copy() 2021-05-22 00:37:27 -07:00
Makefile.am Completely remove BIND 9 Windows support 2021-06-09 14:35:14 +02:00
master.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
masterdump.c Remove LIB<*>_EXTERNAL_DATA defines 2021-07-06 05:33:48 +00:00
message.c Remove error checks in dns_message for mem allocations 2021-07-09 15:58:02 +02:00
name.c Remove LIB<*>_EXTERNAL_DATA defines 2021-07-06 05:33:48 +00:00
ncache.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
nsec.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
nsec3.c rename dns_name_copynf() to dns_name_copy() 2021-05-22 00:37:27 -07:00
nta.c rename dns_name_copynf() to dns_name_copy() 2021-05-22 00:37:27 -07:00
openssl_link.c The isc/platform.h header has been completely removed 2021-07-06 05:33:48 +00:00
openssldh_link.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
opensslecdsa_link.c Make opensslecdsa_parse use fromlabel 2021-01-26 15:01:26 +01:00
openssleddsa_link.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
opensslrsa_link.c Completely remove BIND 9 Windows support 2021-06-09 14:35:14 +02:00
order.c rename dns_name_copynf() to dns_name_copy() 2021-05-22 00:37:27 -07:00
peer.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
pkcs11.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
pkcs11ecdsa_link.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
pkcs11eddsa_link.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
pkcs11rsa_link.c Fix misplaced declaration 2020-12-01 10:46:58 +11:00
private.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
rbt.c The isc/platform.h header has been completely removed 2021-07-06 05:33:48 +00:00
rbtdb.c The isc/platform.h header has been completely removed 2021-07-06 05:33:48 +00:00
rbtdb.h update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
rcode.c Use isdigit instead of checking character range 2021-05-05 19:15:33 +02:00
rdata.c Make calling generic rdata methods consistent 2021-03-26 22:04:42 +00:00
rdatalist.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
rdatalist_p.h update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
rdataset.c rename dns_name_copynf() to dns_name_copy() 2021-05-22 00:37:27 -07:00
rdatasetiter.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
rdataslab.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
request.c Clean up the dns_dispatch_getudp API 2021-07-09 15:58:02 +02:00
resolver.c Clean up the dns_dispatch_getudp API 2021-07-09 15:58:02 +02:00
result.c Add NSEC3PARAM unit test, refactor zone.c 2020-11-26 10:43:59 +01:00
rootns.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
rpz.c Cleanup redundant isc_rwlock_init() result checks 2021-02-03 12:22:33 +11:00
rriterator.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
rrl.c Reduce the number of clientmgr objects created 2021-05-24 20:44:54 +02:00
sdb.c rename dns_name_copynf() to dns_name_copy() 2021-05-22 00:37:27 -07:00
sdlz.c rename dns_name_copynf() to dns_name_copy() 2021-05-22 00:37:27 -07:00
soa.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
ssu.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
ssu_external.c Completely remove BIND 9 Windows support 2021-06-09 14:35:14 +02:00
stats.c Remove LIB<*>_EXTERNAL_DATA defines 2021-07-06 05:33:48 +00:00
tcpmsg.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
time.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
timer.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
tkey.c rename dns_name_copynf() to dns_name_copy() 2021-05-22 00:37:27 -07:00
transport.c refactor outgoing HTTP connection support 2021-03-05 13:29:26 +02:00
tsec.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
tsig.c Remove LIB<*>_EXTERNAL_DATA defines 2021-07-06 05:33:48 +00:00
tsig_p.h update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
ttl.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
update.c The isc/platform.h header has been completely removed 2021-07-06 05:33:48 +00:00
validator.c rename dns_name_copynf() to dns_name_copy() 2021-05-22 00:37:27 -07:00
view.c Move NAME_MAX and PATH_MAX from isc/platform.h to isc/dir.h 2021-07-06 05:33:48 +00:00
xfrin.c Add missing initialisations 2021-05-26 08:15:08 +00:00
zone.c Remove LIB<*>_EXTERNAL_DATA defines 2021-07-06 05:33:48 +00:00
zone_p.h Add NSEC3PARAM unit test, refactor zone.c 2020-11-26 10:43:59 +01:00
zonekey.c update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
zoneverify.c rename dns_name_copynf() to dns_name_copy() 2021-05-22 00:37:27 -07:00
zt.c Cleanup redundant isc_rwlock_init() result checks 2021-02-03 12:22:33 +11:00