git.ipfire.org Git - thirdparty/bind9.git/commit

author	Mark Andrews <marka@isc.org>
	Wed, 7 Jul 2021 02:09:31 +0000 (12:09 +1000)
committer	Mark Andrews <marka@isc.org>
	Mon, 12 Jul 2021 00:22:07 +0000 (00:22 +0000)
commit	83fd38dd2ccf682fee117c389f17b2e0089e36aa
tree	098094bb662066ad8c936be404be7e569d206eac	tree \| snapshot
parent	d7aa979a6c3f5a639012ec5981992fc8a3867525	commit \| diff

Silence use of tainted scalar

    2607
            43. tainted_argument: Calling function journal_read_xhdr taints argument xhdr.size. [show details]
    2608                        result = journal_read_xhdr(j1, &xhdr);
            44. Condition rewrite, taking true branch.
            45. Condition result == 29, taking false branch.
    2609                        if (rewrite && result == ISC_R_NOMORE) {
    2610                                break;
    2611                        }
            46. Condition result != 0, taking false branch.
    2612                        CHECK(result);
    2613
            47. var_assign_var: Assigning: size = xhdr.size. Both are now tainted.
    2614                        size = xhdr.size;

            CID 331088 (#3 of 3): Untrusted allocation size (TAINTED_SCALAR)
            48. tainted_data: Passing tainted expression size to isc__mem_get, which uses it as an allocation size. [show details]
            Ensure that tainted values are properly sanitized, by checking that their values are within a permissible range.
    2615                        buf = isc_mem_get(mctx, size);