return -1;
}
+ pidbuf[sizeof(pidbuf)-1] = 0;
pid = (pid_t)strtol(pidbuf, &t, 10);
if (*t && *t != '\n') {
- no malloc in log_hex.
- assertions around system calls.
- protect against gethostname without ending zero.
+ - ntop output is null terminated by unbound.
+ - pidfile content null termination
+ - various snprintf use sizeof(stringbuf) instead of fixed constant.
+ - changed loopdetect % 8 with & 0x7 since % can become negative for
+ weird negative input and particular interpretation of integer math.
+ - dname_pkt_copy checks length of result, to protect result buffers.
+ prints an error, this should not happen. Bad strings should have
+ been rejected earlier in the program.
15 October 2007: Wouter
- nicer warning.
(socklen_t)sizeof(buf)) == 0) {
strncpy(buf, "(null)", sizeof(buf));
}
+ buf[sizeof(buf)-1] = 0;
verbose(VERB_ALGO, "creating %s%s socket %s %d",
addr->ai_socktype==SOCK_DGRAM?"udp":
addr->ai_socktype==SOCK_STREAM?"tcp":"otherproto",
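Review bot: The added `buf[sizeof(buf)-1] = 0;` is needed mainly because the fallback uses `strncpy`, which does not guarantee termination and zero-pads the rest of the buffer. Writing the fallback as `snprintf(buf, sizeof(buf), "%s", "(null)");` terminates by construction. The same pattern recurs in the two later hunks that copy `"(inet_ntop error)"` into `dest`. Keeping the unconditional terminator after the `if` is still a reasonable guard for the success path, and a short comment such as `/* defensive: do not rely on inet_ntop to terminate */` would record why it is there. The enclosing function starts and ends outside this hunk.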
const uint8_t bits[8] = {0x1, 0x2, 0x4, 0x8, 0x10, 0x20, 0x40, 0x80};
uint8_t ret;
log_assert(pos < MAX_COMPRESS_POS);
- ret = loop[ pos / 8 ] & bits[ pos % 8 ];
- loop[ pos / 8 ] |= bits[ pos % 8 ];
+ ret = loop[ pos / 8 ] & bits[ pos & 0x7 ];
+ loop[ pos / 8 ] |= bits[ pos & 0x7 ];
return ret;
}
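Review bot: The mask only protects the `bits[]` index; the byte index `loop[ pos / 8 ]` is still covered by nothing but `log_assert(pos < MAX_COMPRESS_POS)`. The declaration of `pos` is outside the hunk. If it is an unsigned type, `% 8` and `& 0x7` are equivalent and a comment saying so would be enough. If it can be negative, as the changelog rationale suggests, `pos / 8` is then a negative index into `loop` and the assertion's upper-bound test does not catch it. If `log_assert` compiles out in non-debug builds, a runtime range check on `pos` before the two array accesses would be the safer guard.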
void dname_pkt_copy(ldns_buffer* pkt, uint8_t* to, uint8_t* dname)
{
/* copy over the dname and decompress it at the same time */
+ size_t len = 0;
uint8_t lablen;
lablen = *dname++;
while(lablen) {
continue;
}
log_assert(lablen <= LDNS_MAX_LABELLEN);
+ len += (size_t)lablen+1;
+ if(len >= LDNS_MAX_DOMAINLEN) {
+ *to = 0; /* end the result prematurely */
+ log_err("bad dname in dname_pkt_copy");
+ return;
+ }
*to++ = lablen;
memmove(to, dname, lablen);
dname += lablen;
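Review bot: On the overlong path the function writes a root label at `*to` and returns, so the caller receives a shorter but still well-formed name and, because the return type is `void`, has no way to tell it was cut. Any caller that uses the result as a lookup or cache key would then be working on a different name than the one in the packet. The `len >= LDNS_MAX_DOMAINLEN` bound also only protects `to` if every caller's buffer holds at least `LDNS_MAX_DOMAINLEN` bytes, which the signature does not express. I would document both in the function comment, for example `/* to must hold LDNS_MAX_DOMAINLEN bytes; on overlong input the result is truncated to a valid shorter name and an error is logged */`. The per-label check visible here is `log_assert(lablen <= LDNS_MAX_LABELLEN)` only. The loop continues past the end of this hunk.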
if(inet_ntop(af, sinaddr, dest, (socklen_t)sizeof(dest)) == 0) {
strncpy(dest, "(inet_ntop error)", sizeof(dest));
}
+ dest[sizeof(dest)-1] = 0;
port = ntohs(((struct sockaddr_in*)addr)->sin_port);
verbose(VERB_DETAIL, "%s %s %s %d (len %d)",
str, family, dest, (int)port, (int)addrlen);
else if(ldns_rr_descript(type) && ldns_rr_descript(type)->_name)
ts = ldns_rr_descript(type)->_name;
else {
- snprintf(t, 12, "TYPE%d", (int)type);
+ snprintf(t, sizeof(t), "TYPE%d", (int)type);
ts = t;
}
if(ldns_lookup_by_id(ldns_rr_classes, (int)dclass) &&
ldns_lookup_by_id(ldns_rr_classes, (int)dclass)->name)
cs = ldns_lookup_by_id(ldns_rr_classes, (int)dclass)->name;
else {
- snprintf(c, 12, "CLASS%d", (int)dclass);
+ snprintf(c, sizeof(c), "CLASS%d", (int)dclass);
cs = c;
}
log_info("%s <%s %s %s>", str, buf, ts, cs);
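Review bot: `sizeof(t)` and `sizeof(c)` give the buffer size only if `t` and `c` are arrays declared in this scope, and their declarations are outside the hunk. If either were a pointer or an array parameter, `sizeof` would yield the pointer size and `snprintf` would silently truncate the `TYPE%d` / `CLASS%d` text. Worth confirming that the declarations are of the form `char t[12], c[12];`. A comment next to them noting that the `snprintf` calls below depend on them being arrays would guard against a later refactor.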
if(inet_ntop(af, sinaddr, dest, (socklen_t)sizeof(dest)) == 0) {
strncpy(dest, "(inet_ntop error)", sizeof(dest));
}
+ dest[sizeof(dest)-1] = 0;
port = ntohs(((struct sockaddr_in*)addr)->sin_port);
dname_str(zone, namebuf);
if(af != AF_INET && af != AF_INET6)
{
char buf[10240], *str=buf;
int len=0;
- snprintf(str, 10240, "%lu objects (%lu small/%lu large), %lu bytes allocated (%lu wasted) in %lu chunks, %lu cleanups, %lu in recyclebin%n",
+ snprintf(str, sizeof(buf), "%lu objects (%lu small/%lu large), %lu bytes allocated (%lu wasted) in %lu chunks, %lu cleanups, %lu in recyclebin%n",
(unsigned long) (region->small_objects + region->large_objects),
(unsigned long) region->small_objects,
(unsigned long) region->large_objects,
el = el->next;
}
if(i%ALIGNMENT == 0 && i!=0) {
- snprintf(str, 10240, " %lu%n",
+ snprintf(str, sizeof(buf)-(str-buf), " %lu%n",
(unsigned long)count, &len);
str+=len;
}
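Review bot: `sizeof(buf)-(str-buf)` is only a valid bound while `str` stays inside `buf`, and nothing here checks that after `str+=len`. `len` comes from `%n`, which may report the length the format produced rather than what was stored when output is truncated, so `str` can move past the end of `buf`. The subtraction then wraps to a very large `size_t` and the next `snprintf` is effectively unbounded. Using the return value instead of `%n` makes this checkable: `int w = snprintf(str, left, " %lu", (unsigned long)count);` followed by `if(w < 0 || (size_t)w >= left)` to stop appending. The same applies to the first `snprintf` into `str` in the earlier hunk of this function. Dropping `%n` also avoids depending on a conversion that some hardened C libraries restrict. The enclosing loop starts outside this hunk.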