mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-30 05:57:52 +00:00
Code Issues Releases Wiki Activity

Prevent overflow of size

Browse Source 
If size overflows we will have an infinite loop.  In practice
this will not happen unless we have made a coding error.  Add
an INSIST to detect this condition.

    181        while (!done) {
    182                isc_buffer_allocate(mctx, &b, size);
    183                result = dns_rdata_totext(rdata, NULL, b);
    184                if (result == ISC_R_SUCCESS) {
    185                        printf("%.*s\n", (int)isc_buffer_usedlength(b),
    186                               (char *)isc_buffer_base(b));
    187                        done = true;
    188                } else if (result != ISC_R_NOSPACE) {
    189                        check_result(result, "dns_rdata_totext");
    190                }
    191                isc_buffer_free(&b);

    CID 498025: (#1 of 1): Overflowed constant (INTEGER_OVERFLOW)
    overflow_const: Expression size, which is equal to 0, overflows the type that
    receives it, an unsigned integer 32 bits wide.
    192                size *= 2;
    193        }
This commit is contained in:
Mark Andrews 2024-07-09 11:59:39 +10:00
parent 7838ca3f67
commit e7ef0a60ab
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
bin/dig/nslookup.c
View File

@ -189,6 +189,7 @@ printrdata(dns_rdata_t *rdata) {
check_result(result, "dns_rdata_totext");
}
isc_buffer_free(&b);
INSIST(size <= (UINT_MAX / 2));
size *= 2;
}
}