git.ipfire.org Git - thirdparty/bind9.git/commit

author	Mark Andrews <marka@isc.org>
	Tue, 9 Jul 2024 01:59:39 +0000 (11:59 +1000)
committer	Mark Andrews <marka@isc.org>
	Sun, 4 Aug 2024 23:52:20 +0000 (23:52 +0000)
commit	02cb4823db09c940c46cd77cbaf19d1137efcd9c
tree	7d52d158627a3b5c2a780d5bc1d3784c2f3b9a41	tree \| snapshot
parent	89724dcca35aea2a5cec67d91fe6f2be087de916	commit \| diff

Prevent overflow of size

If size overflows we will have an infinite loop.  In practice
this will not happen unless we have made a coding error.  Add
an INSIST to detect this condition.

    181        while (!done) {
    182                isc_buffer_allocate(mctx, &b, size);
    183                result = dns_rdata_totext(rdata, NULL, b);
    184                if (result == ISC_R_SUCCESS) {
    185                        printf("%.*s\n", (int)isc_buffer_usedlength(b),
    186                               (char *)isc_buffer_base(b));
    187                        done = true;
    188                } else if (result != ISC_R_NOSPACE) {
    189                        check_result(result, "dns_rdata_totext");
    190                }
    191                isc_buffer_free(&b);

    CID 498025: (#1 of 1): Overflowed constant (INTEGER_OVERFLOW)
    overflow_const: Expression size, which is equal to 0, overflows the type that
    receives it, an unsigned integer 32 bits wide.
    192                size *= 2;
    193        }

(cherry picked from commit e7ef0a60ab4ffedf5a8defe86a02452b0ee124ab)