diff --git a/bin/named/server.c b/bin/named/server.c index d28926914e..7c2499ea2a 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -14921,7 +14921,12 @@ named_server_signing(named_server_t *server, isc_lex_t *lex, result = dns_rdataset_next(&privset)) { dns_rdata_t priv = DNS_RDATA_INIT; - char output[BUFSIZ]; + /* + * In theory, the output buffer could hold a full RDATA + * record which is 16-bit and then some text around + * it + */ + char output[UINT16_MAX + BUFSIZ]; isc_buffer_t buf; dns_rdataset_current(&privset, &priv); diff --git a/bin/tests/system/feature-test.c b/bin/tests/system/feature-test.c index 30e6e14575..3435c91e07 100644 --- a/bin/tests/system/feature-test.c +++ b/bin/tests/system/feature-test.c @@ -11,6 +11,7 @@ * information regarding copyright ownership. */ +#include #include #include #include @@ -22,14 +23,6 @@ #include -#ifndef MAXHOSTNAMELEN -#ifdef HOST_NAME_MAX -#define MAXHOSTNAMELEN HOST_NAME_MAX -#else /* ifdef HOST_NAME_MAX */ -#define MAXHOSTNAMELEN 256 -#endif /* ifdef HOST_NAME_MAX */ -#endif /* ifndef MAXHOSTNAMELEN */ - static void usage(void) { fprintf(stderr, "usage: feature-test \n"); @@ -91,7 +84,7 @@ main(int argc, char **argv) { } if (strcmp(argv[1], "--gethostname") == 0) { - char hostname[MAXHOSTNAMELEN]; + char hostname[_POSIX_HOST_NAME_MAX + 1]; int n; n = gethostname(hostname, sizeof(hostname)); diff --git a/lib/dns/adb.c b/lib/dns/adb.c index b97f3e6390..3ff149a774 100644 --- a/lib/dns/adb.c +++ b/lib/dns/adb.c @@ -3010,7 +3010,7 @@ dns_adb_dumpquota(dns_adb_t *adb, isc_buffer_t **buf) { entry = ISC_LIST_NEXT(entry, plink)) { char addrbuf[ISC_NETADDR_FORMATSIZE]; - char text[BUFSIZ]; + char text[ISC_NETADDR_FORMATSIZE + BUFSIZ]; isc_netaddr_t netaddr; if (entry->atr == 0.0 && entry->quota == adb->quota) { diff --git a/lib/dns/private.c b/lib/dns/private.c index 58deda095a..cbf947f8cc 100644 --- a/lib/dns/private.c +++ b/lib/dns/private.c @@ -383,7 +383,8 @@ dns_private_totext(dns_rdata_t *private, isc_buffer_t *buf) { } else if (private->length == 5) { unsigned char alg = private->data[0]; dns_keytag_t keyid = (private->data[2] | private->data[1] << 8); - char keybuf[BUFSIZ], algbuf[DNS_SECALG_FORMATSIZE]; + char keybuf[DNS_SECALG_FORMATSIZE + BUFSIZ], + algbuf[DNS_SECALG_FORMATSIZE]; bool del = private->data[3]; bool complete = private->data[4]; diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c index ddc0ed5041..7fa7040aa2 100644 --- a/lib/dns/resolver.c +++ b/lib/dns/resolver.c @@ -11538,7 +11538,8 @@ dns_resolver_dumpquota(dns_resolver_t *res, isc_buffer_t **buf) { for (fctxcount_t *fc = ISC_LIST_HEAD(bucket->list); fc != NULL; fc = ISC_LIST_NEXT(fc, link)) { - char nb[DNS_NAME_FORMATSIZE], text[BUFSIZ]; + char nb[DNS_NAME_FORMATSIZE], + text[DNS_NAME_FORMATSIZE + BUFSIZ]; if (fc->count < spill) { continue; diff --git a/lib/ns/client.c b/lib/ns/client.c index 836cedc8e1..436cc19a89 100644 --- a/lib/ns/client.c +++ b/lib/ns/client.c @@ -12,6 +12,7 @@ */ #include +#include #include #include @@ -955,7 +956,7 @@ isc_result_t ns_client_addopt(ns_client_t *client, dns_message_t *message, dns_rdataset_t **opt) { unsigned char ecs[ECS_SIZE]; - char nsid[BUFSIZ], *nsidp = NULL; + char nsid[_POSIX_HOST_NAME_MAX + 1], *nsidp = NULL; unsigned char cookie[COOKIE_SIZE]; isc_result_t result; dns_view_t *view = NULL;