From 48039fa25e081ce743f62ca2d074c06a5d15fc6b Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Tue, 22 Feb 2022 12:27:17 +1100 Subject: [PATCH] Do not return ISC_R_UNEXPECTEDEND All rdata passed to dns_rdata_tostruct is supposed to be well formed, assert if it isn't. --- lib/dns/rdata/generic/caa_257.c | 10 +--------- lib/dns/rdata/generic/doa_259.c | 14 +------------- lib/dns/rdata/generic/ipseckey_45.c | 5 +---- lib/dns/rdata/generic/key_25.c | 11 +---------- lib/dns/rdata/generic/sink_40.c | 9 --------- lib/dns/rdata/generic/uri_256.c | 8 +------- 6 files changed, 5 insertions(+), 52 deletions(-) diff --git a/lib/dns/rdata/generic/caa_257.c b/lib/dns/rdata/generic/caa_257.c index eac735fc6b..6b9431634b 100644 --- a/lib/dns/rdata/generic/caa_257.c +++ b/lib/dns/rdata/generic/caa_257.c @@ -507,27 +507,19 @@ tostruct_caa(ARGS_TOSTRUCT) { /* * Flags */ - if (sr.length < 1) { - return (ISC_R_UNEXPECTEDEND); - } caa->flags = uint8_fromregion(&sr); isc_region_consume(&sr, 1); /* * Tag length */ - if (sr.length < 1) { - return (ISC_R_UNEXPECTEDEND); - } caa->tag_len = uint8_fromregion(&sr); isc_region_consume(&sr, 1); /* * Tag */ - if (sr.length < caa->tag_len) { - return (ISC_R_UNEXPECTEDEND); - } + INSIST(sr.length >= caa->tag_len); caa->tag = mem_maybedup(mctx, sr.base, caa->tag_len); isc_region_consume(&sr, caa->tag_len); diff --git a/lib/dns/rdata/generic/doa_259.c b/lib/dns/rdata/generic/doa_259.c index d7c6129dd8..78e8b7b863 100644 --- a/lib/dns/rdata/generic/doa_259.c +++ b/lib/dns/rdata/generic/doa_259.c @@ -213,7 +213,7 @@ tostruct_doa(ARGS_TOSTRUCT) { REQUIRE(rdata != NULL); REQUIRE(rdata->type == dns_rdatatype_doa); REQUIRE(doa != NULL); - REQUIRE(rdata->length != 0); + REQUIRE(rdata->length >= 10); doa->common.rdclass = rdata->rdclass; doa->common.rdtype = rdata->type; @@ -224,36 +224,24 @@ tostruct_doa(ARGS_TOSTRUCT) { /* * DOA-ENTERPRISE */ - if (region.length < 4) { - return (ISC_R_UNEXPECTEDEND); - } doa->enterprise = uint32_fromregion(®ion); isc_region_consume(®ion, 4); /* * DOA-TYPE */ - if (region.length < 4) { - return (ISC_R_UNEXPECTEDEND); - } doa->type = uint32_fromregion(®ion); isc_region_consume(®ion, 4); /* * DOA-LOCATION */ - if (region.length < 1) { - return (ISC_R_UNEXPECTEDEND); - } doa->location = uint8_fromregion(®ion); isc_region_consume(®ion, 1); /* * DOA-MEDIA-TYPE */ - if (region.length < 1) { - return (ISC_R_UNEXPECTEDEND); - } doa->mediatype_len = uint8_fromregion(®ion); isc_region_consume(®ion, 1); INSIST(doa->mediatype_len <= region.length); diff --git a/lib/dns/rdata/generic/ipseckey_45.c b/lib/dns/rdata/generic/ipseckey_45.c index 2813818086..33a8ca1894 100644 --- a/lib/dns/rdata/generic/ipseckey_45.c +++ b/lib/dns/rdata/generic/ipseckey_45.c @@ -353,10 +353,6 @@ tostruct_ipseckey(ARGS_TOSTRUCT) { REQUIRE(ipseckey != NULL); REQUIRE(rdata->length >= 3); - if (rdata->data[1] > 3U) { - return (ISC_R_NOTIMPLEMENTED); - } - ipseckey->common.rdclass = rdata->rdclass; ipseckey->common.rdtype = rdata->type; ISC_LINK_INIT(&ipseckey->common, link); @@ -384,6 +380,7 @@ tostruct_ipseckey(ARGS_TOSTRUCT) { break; case 2: + INSIST(region.length >= 16U); memmove(ipseckey->in6_addr.s6_addr, region.base, 16); isc_region_consume(®ion, 16); break; diff --git a/lib/dns/rdata/generic/key_25.c b/lib/dns/rdata/generic/key_25.c index 688b6684ec..7c13af60c0 100644 --- a/lib/dns/rdata/generic/key_25.c +++ b/lib/dns/rdata/generic/key_25.c @@ -322,7 +322,7 @@ generic_tostruct_key(ARGS_TOSTRUCT) { isc_region_t sr; REQUIRE(key != NULL); - REQUIRE(rdata->length != 0); + REQUIRE(rdata->length >= 4U); REQUIRE(key != NULL); REQUIRE(key->common.rdclass == rdata->rdclass); @@ -332,23 +332,14 @@ generic_tostruct_key(ARGS_TOSTRUCT) { dns_rdata_toregion(rdata, &sr); /* Flags */ - if (sr.length < 2) { - return (ISC_R_UNEXPECTEDEND); - } key->flags = uint16_fromregion(&sr); isc_region_consume(&sr, 2); /* Protocol */ - if (sr.length < 1) { - return (ISC_R_UNEXPECTEDEND); - } key->protocol = uint8_fromregion(&sr); isc_region_consume(&sr, 1); /* Algorithm */ - if (sr.length < 1) { - return (ISC_R_UNEXPECTEDEND); - } key->algorithm = uint8_fromregion(&sr); isc_region_consume(&sr, 1); diff --git a/lib/dns/rdata/generic/sink_40.c b/lib/dns/rdata/generic/sink_40.c index 38104cf90c..d0c5825d92 100644 --- a/lib/dns/rdata/generic/sink_40.c +++ b/lib/dns/rdata/generic/sink_40.c @@ -191,23 +191,14 @@ tostruct_sink(ARGS_TOSTRUCT) { dns_rdata_toregion(rdata, &sr); /* Meaning */ - if (sr.length < 1) { - return (ISC_R_UNEXPECTEDEND); - } sink->meaning = uint8_fromregion(&sr); isc_region_consume(&sr, 1); /* Coding */ - if (sr.length < 1) { - return (ISC_R_UNEXPECTEDEND); - } sink->coding = uint8_fromregion(&sr); isc_region_consume(&sr, 1); /* Subcoding */ - if (sr.length < 1) { - return (ISC_R_UNEXPECTEDEND); - } sink->subcoding = uint8_fromregion(&sr); isc_region_consume(&sr, 1); diff --git a/lib/dns/rdata/generic/uri_256.c b/lib/dns/rdata/generic/uri_256.c index a613e4d9bb..0e1bb00604 100644 --- a/lib/dns/rdata/generic/uri_256.c +++ b/lib/dns/rdata/generic/uri_256.c @@ -209,7 +209,7 @@ tostruct_uri(ARGS_TOSTRUCT) { REQUIRE(rdata->type == dns_rdatatype_uri); REQUIRE(uri != NULL); - REQUIRE(rdata->length != 0); + REQUIRE(rdata->length >= 4); uri->common.rdclass = rdata->rdclass; uri->common.rdtype = rdata->type; @@ -220,18 +220,12 @@ tostruct_uri(ARGS_TOSTRUCT) { /* * Priority */ - if (sr.length < 2) { - return (ISC_R_UNEXPECTEDEND); - } uri->priority = uint16_fromregion(&sr); isc_region_consume(&sr, 2); /* * Weight */ - if (sr.length < 2) { - return (ISC_R_UNEXPECTEDEND); - } uri->weight = uint16_fromregion(&sr); isc_region_consume(&sr, 2);