memcpy(data + cur_data_size + 2, cur_data, cur_window_max+1);
cur_data_size += cur_window_max + 3;
}
-
+ if (! data) {
+ LDNS_FREE(bitmap);
+ return NULL;
+ }
bitmap_rdf = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_NSEC,
cur_data_size,
data);
if (tree->parent_status[i] != LDNS_STATUS_OK) {
result = tree->parent_status[i];
} else {
- if (ldns_rr_get_type(tree->rr)
+ if (tree->rr &&
+ ldns_rr_get_type(tree->rr)
== LDNS_RR_TYPE_NSEC &&
parent_result == LDNS_STATUS_OK
) {
ldns_rr_get_type(rr),
nsecs);
if(!closest_encloser) {
- result = LDNS_STATUS_NSEC3_ERR;
+ result = LDNS_STATUS_DNSSEC_NSEC_RR_NOT_COVERED;
goto done;
}
ldns_rdf_deep_free(hashed_wildcard_name);
}
- ldns_rdf_deep_free(closest_encloser);
- ldns_rdf_deep_free(wildcard);
-
- if (!wildcard_covered) {
+ if (! wildcard_covered) {
result = LDNS_STATUS_DNSSEC_NSEC_WILDCARD_NOT_COVERED;
- } else if (closest_encloser && wildcard_covered) {
- result = LDNS_STATUS_OK;
} else {
- result = LDNS_STATUS_DNSSEC_NSEC_RR_NOT_COVERED;
+ result = LDNS_STATUS_OK;
}
+ ldns_rdf_deep_free(closest_encloser);
+ ldns_rdf_deep_free(wildcard);
+
} else if (packet_nodata && packet_qtype != LDNS_RR_TYPE_DS) {
/* section 8.5 */
hashed_name = ldns_nsec3_hash_name_frm_nsec3(
if (next_node == LDNS_RBTREE_NULL) {
next_node = ldns_rbtree_first(zone->names);
}
-
+ if (! cur_node->data || ! next_node->data) {
+ return LDNS_STATUS_ERR;
+ }
cur_name = ((ldns_dnssec_name *)cur_node->data)->name;
next_name = ((ldns_dnssec_name *)next_node->data)->name;
cur_label_count = ldns_dname_label_count(cur_name);
char c;
for (i = 0; i < len-1; i++) {
- c = getc(input);
+ c = (int)getc(input);
if (c == EOF) {
return -1;
} else if (c != '\n') {
hexbuf[hexbufpos] = (uint8_t) c;
hexbufpos++;
break;
- default:
- warning("unknown state while reading %s", filename);
- xfree(hexbuf);
- return 0;
- break;
}
c = fgetc(fp);
}
fprintf(stderr, "Warning: Unable to create stub resolver from /etc/resolv.conf:\n");
fprintf(stderr, "%s\n", ldns_get_errorstr_by_id(status));
fprintf(stderr, "defaulting to nameserver at 127.0.0.1 for separate nameserver name lookups\n");
- res = ldns_resolver_new();
- ns = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_A, "127.0.0.1");
- status = ldns_resolver_push_nameserver(res, ns);
- if (status != LDNS_STATUS_OK) {
+ for (;;) {
+ res = ldns_resolver_new();
+ if (res) {
+ ns = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_A,
+ "127.0.0.1");
+ if (ns) {
+ status = ldns_resolver_push_nameserver(
+ res, ns);
+ if (status == LDNS_STATUS_OK) {
+ break;
+ }
+ ldns_rdf_deep_free(ns);
+ }
+ ldns_resolver_free(res);
+ }
fprintf(stderr, "Unable to create stub resolver: %s\n", ldns_get_errorstr_by_id(status));
exit(EXIT_FAILURE);
}
}
break;
case 'h':
- printf("Usage: %s [-c] [-v] [-z] <zonefile>\n", argv[0]);
+ printf("Usage: %s [OPTIONS] <zonefile>\n", argv[0]);
printf("\tReads the zonefile and prints it.\n");
printf("\tThe RR count of the zone is printed to stderr.\n");
printf("\t-b include bubblebabble of DS's.\n");
printf("Engine key id: %s, algo %d\n", eng_key_id, eng_key_algo);
- if (expiration != 0) {
- ldns_key_set_expiration(key, expiration);
- }
- if (inception != 0) {
- ldns_key_set_inception(key, inception);
- }
-
s = ldns_key_new_frm_engine(&key, engine, eng_key_id, eng_key_algo);
if (s == LDNS_STATUS_OK) {
/* must be dnssec key */
fprintf(stderr, "Warning, key not suitable for signing, ignoring key with algorithm %u\n", ldns_key_algorithm(key));
break;
}
+ if (expiration != 0) {
+ ldns_key_set_expiration(key,
+ expiration);
+ }
+ if (inception != 0) {
+ ldns_key_set_inception(key,
+ inception);
+ }
} else {
printf("Error reading key '%s' from engine: %s\n", eng_key_id, ldns_get_errorstr_by_id(s));
#ifdef HAVE_SSL
(c >= 'a' && c <= 'f') ||
(c >= 'A' && c <= 'F') )
{
+ if (hexbufpos >= LDNS_MAX_PACKETLEN) {
+ error("buffer overflow");
+ LDNS_FREE(hexbuf);
+ return 0;
+
+ }
hexbuf[hexbufpos] = (uint8_t) c;
hexbufpos++;
} else if (c == ';') {
}
break;
case 2:
+ if (hexbufpos >= LDNS_MAX_PACKETLEN) {
+ error("buffer overflow");
+ LDNS_FREE(hexbuf);
+ return 0;
+ }
hexbuf[hexbufpos] = (uint8_t) c;
hexbufpos++;
break;
- default:
- error("unknown state while reading");
- LDNS_FREE(hexbuf);
- return 0;
- break;
}
}
/* lenient mode: length must be multiple of 2 */
if (hexbufpos % 2 != 0) {
+ if (hexbufpos >= LDNS_MAX_PACKETLEN) {
+ error("buffer overflow");
+ LDNS_FREE(hexbuf);
+ return 0;
+ }
hexbuf[hexbufpos] = (uint8_t) '0';
hexbufpos++;
}
if (!cur_next_name) {
cur_next_name = cur_first_name;
}
+ assert(cur_next_name); /* Because this function is called on nsec
+ * occurrence, it must be there!
+ */
next_owner_str = ldns_rdf2str(ldns_nsec3_next_owner(name->nsec));
next_owner_dname = ldns_dname_new_frm_str(next_owner_str);
return LDNS_STATUS_RES_NO_NS;
}
#ifdef HAVE_SSL
- if (tsig_mac && reply_bytes) {
+ if (tsig_mac && reply && reply_bytes) {
if (!ldns_pkt_tsig_verify(reply,
reply_bytes,
reply_size,
return (ssize_t)i;
tokenread:
- ldns_fskipcs_l(f, delim, line_nr);
+ ldns_fskipcs_l(f, del, line_nr);
*t = '\0';
if (p != 0) {
return -1;
return (ssize_t)i;
tokenread:
- ldns_bskipcs(b, delim);
+ ldns_bskipcs(b, del);
*t = '\0';
if (p != 0) {
gtr -= bgtr;
if(word[0] == '#') {
expect = LDNS_RESOLV_KEYWORD;
- ldns_buffer_free(b);
- continue;
+ break;
}
tmp = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, word);
if (!tmp) {
(size_t) gtr + 1);
}
ldns_buffer_free(b);
- gtr = 1;
- expect = LDNS_RESOLV_KEYWORD;
+ if (expect != LDNS_RESOLV_KEYWORD) {
+ gtr = 1;
+ expect = LDNS_RESOLV_KEYWORD;
+ }
break;
case LDNS_RESOLV_SORTLIST:
gtr = ldns_fget_token_l(fp, word, LDNS_PARSE_SKIP_SPACE, 0, line_nr);
newname = ldns_dname_cat_clone((const ldns_rdf*)name, ldns_resolver_domain(r));
if (!newname) {
- if (pkt) {
- ldns_pkt_free(pkt);
- }
return NULL;
}
return NULL;
} else if (ldns_pkt_get_rcode(resolver->_cur_axfr_pkt) != 0) {
rcode = ldns_lookup_by_id(ldns_rcodes, (int) ldns_pkt_get_rcode(resolver->_cur_axfr_pkt));
- fprintf(stderr, "Error in AXFR: %s\n", rcode->name);
+ if (rcode) {
+ fprintf(stderr, "Error in AXFR: %s\n",
+ rcode->name);
+ } else {
+ fprintf(stderr, "Error in AXFR: %d\n",
+ (int) ldns_pkt_get_rcode(
+ resolver->_cur_axfr_pkt));
+ }
/* RoRi: we must now also close the socket, otherwise subsequent uses of the
same resolver structure will fail because the link is still open or
data[0] = (uint8_t) proto->p_proto;
} else if (proto_str) {
data[0] = (uint8_t) atoi(proto_str);
- } else {
- data[0] = 0;
}
memcpy(data + 1, bitmap, (size_t) bm_len);
projects / thirdparty / ldns.git / commitdiff
