From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Mon, 19 Apr 2021 10:18:50 +0000 (+0200)
Subject: auth: Prevent dereferencing std::string::end() in SimpleMatch
X-Git-Tag: dnsdist-1.6.0-rc2~11^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=17c752211f039e214d6b055e5f160dfff297b3ae;p=thirdparty%2Fpdns.git

auth: Prevent dereferencing std::string::end() in SimpleMatch

SimpleMatch is called with user-supplied strings in the API and the
bind backend. We might get away with it in most cases because
std::strings are null-terminated, but it's still undefined behaviour
as there is no guarantee that end() will point to the terminator.

Reported by cppcheck 2.4.1:
```
misc.hh:501:16: warning: Either the condition 'mi==d_mask.end()' is redundant or there is possible dereference of an invalid iterator: mi. [derefInvalidIteratorRedundantCheck]
        while(*mi == '*') ++mi;
               ^
misc.hh:502:16: note: Assuming that condition 'mi==d_mask.end()' is not redundant
        if (mi == d_mask.end()) return true;
               ^
misc.hh:501:16: note: Dereference of an invalid iterator
        while(*mi == '*') ++mi;
```
---

diff --git a/pdns/misc.hh b/pdns/misc.hh
index 44d4482870..38f06bc1b5 100644
--- a/pdns/misc.hh
+++ b/pdns/misc.hh
@@ -498,7 +498,7 @@ public:
         if (vi == vend) return false;
         ++vi;
       } else if (*mi == '*') {
-        while(*mi == '*') ++mi;
+        while(mi != mend && *mi == '*') ++mi;
         if (mi == d_mask.end()) return true;
         while(vi != vend) {
           if (match(mi,mend,vi,vend)) return true;