From: Mark Andrews Date: Wed, 8 Mar 2023 05:38:11 +0000 (+1100) Subject: Add additional contraints to dns_rdata_checksvcb X-Git-Tag: v9.19.12~91^2 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=e37c9702aee05f82e7552e6518992065ff8ce67b;p=thirdparty%2Fbind9.git Add additional contraints to dns_rdata_checksvcb REQUIRE that rdata->type is dns_rdatatype_svcb to detect when dns_rdata_checksvcb is called with the wrong rdata type. There are no code paths that currently pass the wrong rdata to dns_rdata_checksvcb. This was found by GCC 12 static analysis. --- diff --git a/lib/dns/include/dns/rdata.h b/lib/dns/include/dns/rdata.h index 338af3a3a0b..1ff135e697c 100644 --- a/lib/dns/include/dns/rdata.h +++ b/lib/dns/include/dns/rdata.h @@ -806,7 +806,7 @@ dns_rdata_checksvcb(const dns_name_t *owner, const dns_rdata_t *rdata); * * Requires: *\li 'owner' is a valid name. - *\li 'rdata' is a valid, non-empty rdata. + *\li 'rdata' is a valid, non-empty SVCB rdata. * * Returns: *\li #ISC_R_SUCCESS -- success, the data is valid diff --git a/lib/dns/rdata.c b/lib/dns/rdata.c index 7ecc4a9a4d6..d90ef212f44 100644 --- a/lib/dns/rdata.c +++ b/lib/dns/rdata.c @@ -2435,6 +2435,7 @@ dns_rdata_checksvcb(const dns_name_t *owner, const dns_rdata_t *rdata) { REQUIRE(owner != NULL); REQUIRE(rdata != NULL); + REQUIRE(rdata->type == dns_rdatatype_svcb); REQUIRE(DNS_RDATA_VALIDFLAGS(rdata)); result = dns_rdata_tostruct(rdata, &svcb, NULL);