Prevent overflow of size

If size overflows we will have an infinite loop.  In practice
this will not happen unless we have made a coding error.  Add
an INSIST to detect this condition.

    181        while (!done) {
    182                isc_buffer_allocate(mctx, &b, size);
    183                result = dns_rdata_totext(rdata, NULL, b);
    184                if (result == ISC_R_SUCCESS) {
    185                        printf("%.*s\n", (int)isc_buffer_usedlength(b),
    186                               (char *)isc_buffer_base(b));
    187                        done = true;
    188                } else if (result != ISC_R_NOSPACE) {
    189                        check_result(result, "dns_rdata_totext");
    190                }
    191                isc_buffer_free(&b);

    CID 498025: (#1 of 1): Overflowed constant (INTEGER_OVERFLOW)
    overflow_const: Expression size, which is equal to 0, overflows the type that
    receives it, an unsigned integer 32 bits wide.
    192                size *= 2;
    193        }

diff --git a/bin/dig/nslookup.c b/bin/dig/nslookup.c
index 12ba49d3117a37ee50ddfdb66f018b0558309cfe..4b813511b7547322533af484a8c8c5d5548a9b6f 100644 (file)
--- a/bin/dig/nslookup.c
+++ b/bin/dig/nslookup.c
@@ -189,6 +189,7 @@ printrdata(dns_rdata_t *rdata) {
                        check_result(result, "dns_rdata_totext");
                }
                isc_buffer_free(&b);
+               INSIST(size <= (UINT_MAX / 2));
                size *= 2;
        }
 }