From: Ondřej Surý Date: Fri, 28 Aug 2020 07:30:29 +0000 (+0200) Subject: Fix off-by-one error when calculating new hashtable size X-Git-Tag: v9.17.5~26^2~1 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=78543ad5a7731e5f3a309c73e90a552df1a44af1;p=thirdparty%2Fbind9.git Fix off-by-one error when calculating new hashtable size When calculating the new hashtable bitsize, there was an off-by-one error that would allow the new bitsize to be larger than maximum allowed causing assertion failure in the rehash() function. --- diff --git a/lib/dns/rbt.c b/lib/dns/rbt.c index aaa1acf6c7c..82c8ef77fb7 100644 --- a/lib/dns/rbt.c +++ b/lib/dns/rbt.c @@ -2330,10 +2330,9 @@ inithash(dns_rbt_t *rbt) { static uint32_t rehash_bits(dns_rbt_t *rbt, size_t newcount) { - uint32_t oldbits = rbt->hashbits; - uint32_t newbits = oldbits; + uint32_t newbits = rbt->hashbits; - while (newcount >= HASHSIZE(newbits) && newbits <= rbt->maxhashbits) { + while (newcount >= HASHSIZE(newbits) && newbits < rbt->maxhashbits) { newbits += 1; } @@ -2380,7 +2379,7 @@ rehash(dns_rbt_t *rbt, uint32_t newbits) { static void maybe_rehash(dns_rbt_t *rbt, size_t newcount) { uint32_t newbits = rehash_bits(rbt, newcount); - if (rbt->hashbits < newbits && newbits <= RBT_HASH_MAX_BITS) { + if (rbt->hashbits < newbits && newbits <= rbt->maxhashbits) { rehash(rbt, newbits); } }