From: Wouter Wijngaards <wouter@nlnetlabs.nl>
Date: Tue, 16 Oct 2007 14:39:27 +0000 (+0000)
Subject: size_t no underflow.
X-Git-Tag: release-0.6~63
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=631ccb58bf3409674d93a2ef978a0e87bd973496;p=thirdparty%2Funbound.git

size_t no underflow.


git-svn-id: file:///svn/unbound/trunk@681 be551aaa-1e26-0410-a405-d3ace91eadb9
---

diff --git a/doc/Changelog b/doc/Changelog
index 229789f81..1b25a456d 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -10,6 +10,7 @@
 	- dname_pkt_copy checks length of result, to protect result buffers.
 	  prints an error, this should not happen. Bad strings should have
 	  been rejected earlier in the program.
+	- remove a size_t underflow from msgreply size func.
 
 15 October 2007: Wouter
 	- nicer warning.
diff --git a/util/data/msgreply.c b/util/data/msgreply.c
index 91f9256af..77dae9346 100644
--- a/util/data/msgreply.c
+++ b/util/data/msgreply.c
@@ -529,8 +529,9 @@ msgreply_sizefunc(void* k, void* d)
 	struct msgreply_entry* q = (struct msgreply_entry*)k;
 	struct reply_info* r = (struct reply_info*)d;
 	size_t s = sizeof(struct msgreply_entry) + sizeof(struct reply_info)
-		+ q->key.qname_len + lock_get_mem(&q->entry.lock);
-	s += (r->rrset_count-1) * sizeof(struct rrset_ref);
+		+ q->key.qname_len + lock_get_mem(&q->entry.lock)
+		- sizeof(struct rrset_ref);
+	s += r->rrset_count * sizeof(struct rrset_ref);
 	s += r->rrset_count * sizeof(struct ub_packed_rrset_key*);
 	return s;
 }