dnsdist: Better bounds checking in Lua FFI overlay accessors

author Remi Gacogne <remi.gacogne@powerdns.com>

Mon, 28 Feb 2022 15:05:28 +0000 (16:05 +0100)

committer Remi Gacogne <remi.gacogne@powerdns.com>

Mon, 10 Oct 2022 07:57:07 +0000 (09:57 +0200)
author Remi Gacogne <remi.gacogne@powerdns.com>
Mon, 28 Feb 2022 15:05:28 +0000 (16:05 +0100)
committer Remi Gacogne <remi.gacogne@powerdns.com>
Mon, 10 Oct 2022 07:57:07 +0000 (09:57 +0200)
diff --git a/pdns/dnsdistdist/dnsdist-lua-ffi.cc b/pdns/dnsdistdist/dnsdist-lua-ffi.cc

index 74e726f9930645188ba31666f3dc00e27ada7c7b..54606b081cc0430066b456d2f701053056d34715 100644 (file)
--- a/pdns/dnsdistdist/dnsdist-lua-ffi.cc
+++ b/pdns/dnsdistdist/dnsdist-lua-ffi.cc
@@ -1195,7 +1195,7 @@ uint16_t dnsdist_ffi_dnspacket_get_records_count_in_section(const dnsdist_ffi_dn
  
  void dnsdist_ffi_dnspacket_get_record_name_raw(const dnsdist_ffi_dnspacket_t* packet, size_t idx, const char** name, size_t* nameSize)
  {
-  if (packet == nullptr || name == nullptr || nameSize == nullptr || idx > packet->overlay.d_records.size()) {
+  if (packet == nullptr || name == nullptr || nameSize == nullptr || idx >= packet->overlay.d_records.size()) {
      return;
    }
    const auto& storage = packet->overlay.d_records.at(idx).d_name.getStorage();
@@ -1205,7 +1205,7 @@ void dnsdist_ffi_dnspacket_get_record_name_raw(const dnsdist_ffi_dnspacket_t* pa
  
  uint16_t dnsdist_ffi_dnspacket_get_record_type(const dnsdist_ffi_dnspacket_t* packet, size_t idx)
  {
-  if (packet == nullptr || idx > packet->overlay.d_records.size()) {
+  if (packet == nullptr || idx >= packet->overlay.d_records.size()) {
      return 0;
    }
    return packet->overlay.d_records.at(idx).d_type;
@@ -1213,7 +1213,7 @@ uint16_t dnsdist_ffi_dnspacket_get_record_type(const dnsdist_ffi_dnspacket_t* pa
  
  uint16_t dnsdist_ffi_dnspacket_get_record_class(const dnsdist_ffi_dnspacket_t* packet, size_t idx)
  {
-  if (packet == nullptr || idx > packet->overlay.d_records.size()) {
+  if (packet == nullptr || idx >= packet->overlay.d_records.size()) {
      return 0;
    }
    return packet->overlay.d_records.at(idx).d_class;
@@ -1221,7 +1221,7 @@ uint16_t dnsdist_ffi_dnspacket_get_record_class(const dnsdist_ffi_dnspacket_t* p
  
  uint32_t dnsdist_ffi_dnspacket_get_record_ttl(const dnsdist_ffi_dnspacket_t* packet, size_t idx)
  {
-  if (packet == nullptr || idx > packet->overlay.d_records.size()) {
+  if (packet == nullptr || idx >= packet->overlay.d_records.size()) {
      return 0;
    }
    return packet->overlay.d_records.at(idx).d_ttl;
@@ -1229,7 +1229,7 @@ uint32_t dnsdist_ffi_dnspacket_get_record_ttl(const dnsdist_ffi_dnspacket_t* pac
  
  uint16_t dnsdist_ffi_dnspacket_get_record_content_length(const dnsdist_ffi_dnspacket_t* packet, size_t idx)
  {
-  if (packet == nullptr || idx > packet->overlay.d_records.size()) {
+  if (packet == nullptr || idx >= packet->overlay.d_records.size()) {
      return 0;
    }
    return packet->overlay.d_records.at(idx).d_contentLength;
@@ -1237,7 +1237,7 @@ uint16_t dnsdist_ffi_dnspacket_get_record_content_length(const dnsdist_ffi_dnspa
  
  uint16_t dnsdist_ffi_dnspacket_get_record_content_offset(const dnsdist_ffi_dnspacket_t* packet, size_t idx)
  {
-  if (packet == nullptr || idx > packet->overlay.d_records.size()) {
+  if (packet == nullptr || idx >= packet->overlay.d_records.size()) {
      return 0;
    }
    return packet->overlay.d_records.at(idx).d_contentOffset;
author	Remi Gacogne <remi.gacogne@powerdns.com>
	Mon, 28 Feb 2022 15:05:28 +0000 (16:05 +0100)
committer	Remi Gacogne <remi.gacogne@powerdns.com>
	Mon, 10 Oct 2022 07:57:07 +0000 (09:57 +0200)