From: Miroslav Lichvar <mlichvar@redhat.com>
Date: Tue, 12 Jan 2016 14:29:53 +0000 (+0100)
Subject: nameserv: return at most 16 addresses from DNS_Name2IPAddress()
X-Git-Tag: 2.3-pre1~35
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c6554bfd30fa7c62ad5148a0d601a84a96d4f22d;p=thirdparty%2Fchrony.git

nameserv: return at most 16 addresses from DNS_Name2IPAddress()

This is the same limit as in the asynchronous resolver. Use common macro
for all buffers storing IP addresses.
---

diff --git a/client.c b/client.c
index 728f14e0..5114cf43 100644
--- a/client.c
+++ b/client.c
@@ -135,14 +135,12 @@ read_line(void)
 
 /* ================================================== */
 
-#define MAX_ADDRESSES 16
-
 static ARR_Instance
 get_sockaddrs(const char *hostnames, int port)
 {
   ARR_Instance addrs;
   char *hostname, *s1, *s2;
-  IPAddr ip_addrs[MAX_ADDRESSES];
+  IPAddr ip_addrs[DNS_MAX_ADDRESSES];
   union sockaddr_all *addr;
   int i;
 
@@ -163,12 +161,12 @@ get_sockaddrs(const char *hostnames, int port)
         LOG_FATAL(LOGF_Client, "Unix socket path too long");
       addr->un.sun_family = AF_UNIX;
     } else {
-      if (DNS_Name2IPAddress(hostname, ip_addrs, MAX_ADDRESSES) != DNS_Success) {
+      if (DNS_Name2IPAddress(hostname, ip_addrs, DNS_MAX_ADDRESSES) != DNS_Success) {
         DEBUG_LOG(LOGF_Client, "Could not get IP address for %s", hostname);
         break;
       }
 
-      for (i = 0; i < MAX_ADDRESSES && ip_addrs[i].family != IPADDR_UNSPEC; i++) {
+      for (i = 0; i < DNS_MAX_ADDRESSES && ip_addrs[i].family != IPADDR_UNSPEC; i++) {
         addr = (union sockaddr_all *)ARR_GetNewElement(addrs);
         UTI_IPAndPortToSockaddr(&ip_addrs[i], port, (struct sockaddr *)addr);
         DEBUG_LOG(LOGF_Client, "Resolved %s to %s", hostname, UTI_IPToString(&ip_addrs[i]));
diff --git a/nameserv.c b/nameserv.c
index bb9309e2..b5899e7a 100644
--- a/nameserv.c
+++ b/nameserv.c
@@ -49,7 +49,9 @@ DNS_Name2IPAddress(const char *name, IPAddr *ip_addrs, int max_addrs)
 #ifdef HAVE_GETADDRINFO
   struct addrinfo hints, *res, *ai;
   int i, result;
-  
+
+  max_addrs = MIN(max_addrs, DNS_MAX_ADDRESSES);
+
   memset(&hints, 0, sizeof (hints));
   hints.ai_family = AF_UNSPEC;
   hints.ai_socktype = SOCK_STREAM;
@@ -99,6 +101,8 @@ DNS_Name2IPAddress(const char *name, IPAddr *ip_addrs, int max_addrs)
   if (address_family != IPADDR_UNSPEC && address_family != IPADDR_INET4)
     return DNS_Failure;
 
+  max_addrs = MIN(max_addrs, DNS_MAX_ADDRESSES);
+
   host = gethostbyname(name);
 
   if (host == NULL) {
diff --git a/nameserv.h b/nameserv.h
index 341a609f..dbef61a3 100644
--- a/nameserv.h
+++ b/nameserv.h
@@ -39,6 +39,9 @@ typedef enum {
 /* Resolve names only to selected address family */
 extern void DNS_SetAddressFamily(int family);
 
+/* Maximum number of addresses returned by DNS_Name2IPAddress */
+#define DNS_MAX_ADDRESSES 16
+
 extern DNS_Status DNS_Name2IPAddress(const char *name, IPAddr *ip_addrs, int max_addrs);
 
 extern int DNS_IPAddress2Name(IPAddr *ip_addr, char *name, int len);
diff --git a/nameserv_async.c b/nameserv_async.c
index 1ceeb28b..89954d6a 100644
--- a/nameserv_async.c
+++ b/nameserv_async.c
@@ -37,14 +37,12 @@
 #ifdef USE_PTHREAD_ASYNCDNS
 #include <pthread.h>
 
-#define MAX_ADDRESSES 16
-
 /* ================================================== */
 
 struct DNS_Async_Instance {
   const char *name;
   DNS_Status status;
-  IPAddr addresses[MAX_ADDRESSES];
+  IPAddr addresses[DNS_MAX_ADDRESSES];
   DNS_NameResolveHandler handler;
   void *arg;
 
@@ -61,7 +59,7 @@ start_resolving(void *anything)
 {
   struct DNS_Async_Instance *inst = (struct DNS_Async_Instance *)anything;
 
-  inst->status = DNS_Name2IPAddress(inst->name, inst->addresses, MAX_ADDRESSES);
+  inst->status = DNS_Name2IPAddress(inst->name, inst->addresses, DNS_MAX_ADDRESSES);
 
   /* Notify the main thread that the result is ready */
   if (write(inst->pipe[1], "", 1) < 0)
@@ -88,7 +86,7 @@ end_resolving(void *anything)
   close(inst->pipe[0]);
   close(inst->pipe[1]);
 
-  for (i = 0; inst->status == DNS_Success && i < MAX_ADDRESSES &&
+  for (i = 0; inst->status == DNS_Success && i < DNS_MAX_ADDRESSES &&
               inst->addresses[i].family != IPADDR_UNSPEC; i++)
     ;
 
diff --git a/stubs.c b/stubs.c
index 7a623c71..0c7414cc 100644
--- a/stubs.c
+++ b/stubs.c
@@ -43,8 +43,6 @@
 
 #ifndef FEAT_ASYNCDNS
 
-#define MAX_ADDRESSES 16
-
 /* This is a blocking implementation used when asynchronous resolving is not available */
 
 struct DNS_Async_Instance {
@@ -57,14 +55,14 @@ static void
 resolve_name(void *anything)
 {
   struct DNS_Async_Instance *inst;
-  IPAddr addrs[MAX_ADDRESSES];
+  IPAddr addrs[DNS_MAX_ADDRESSES];
   DNS_Status status;
   int i;
 
   inst = (struct DNS_Async_Instance *)anything;
-  status = DNS_Name2IPAddress(inst->name, addrs, MAX_ADDRESSES);
+  status = DNS_Name2IPAddress(inst->name, addrs, DNS_MAX_ADDRESSES);
 
-  for (i = 0; status == DNS_Success && i < MAX_ADDRESSES &&
+  for (i = 0; status == DNS_Success && i < DNS_MAX_ADDRESSES &&
        addrs[i].family != IPADDR_UNSPEC; i++)
     ;