authorJun-ichiro itojun Hagino <itojun@cvs.openbsd.org>2002-06-26 06:01:17 +0000
committerJun-ichiro itojun Hagino <itojun@cvs.openbsd.org>2002-06-26 06:01:17 +0000
commit3582dcab3a1f368876231dad9d11e0beb074cffc (patch)
tree6e1e8820a87326c9f4b8b003f79d1f9c42b39214 /lib/libc
parente40c48d42917506d1a5e208a35251c588f4f104d (diff)
correct bad practice in the code - it uses two changing variables
to manage the buffer (buf and buflen). we eliminate buflen and use a fixed point (ep) as the ending pointer. this fix is NOT critical.
Diffstat (limited to 'lib/libc')
-rw-r--r--lib/libc/net/getaddrinfo.c17
-rw-r--r--lib/libc/net/res_mkquery.c31
2 files changed, 22 insertions, 26 deletions
diff --git a/lib/libc/net/getaddrinfo.c b/lib/libc/net/getaddrinfo.c
index d16900b4a0e..3f4d9164863 100644
--- a/lib/libc/net/getaddrinfo.c
+++ b/lib/libc/net/getaddrinfo.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: getaddrinfo.c,v 1.33 2002/02/17 19:42:23 millert Exp $ */
+/* $OpenBSD: getaddrinfo.c,v 1.34 2002/06/26 06:01:16 itojun Exp $ */
/* $KAME: getaddrinfo.c,v 1.31 2000/08/31 17:36:43 itojun Exp $ */
/*
@@ -1031,8 +1031,8 @@ getanswer(answer, anslen, qname, qtype, pai)
const u_char *cp;
int n;
const u_char *eom;
- char *bp;
- int type, class, buflen, ancount, qdcount;
+ char *bp, *ep;
+ int type, class, ancount, qdcount;
int haveanswer, had_error;
char tbuf[MAXDNAME];
int (*name_ok)(const char *);
@@ -1059,13 +1059,13 @@ getanswer(answer, anslen, qname, qtype, pai)
ancount = ntohs(hp->ancount);
qdcount = ntohs(hp->qdcount);
bp = hostbuf;
- buflen = sizeof hostbuf;
+ ep = hostbuf + sizeof hostbuf;
cp = answer->buf + HFIXEDSZ;
if (qdcount != 1) {
h_errno = NO_RECOVERY;
return (NULL);
}
- n = dn_expand(answer->buf, eom, cp, bp, buflen);
+ n = dn_expand(answer->buf, eom, cp, bp, ep - bp);
if ((n < 0) || !(*name_ok)(bp)) {
h_errno = NO_RECOVERY;
return (NULL);
@@ -1083,14 +1083,13 @@ getanswer(answer, anslen, qname, qtype, pai)
}
canonname = bp;
bp += n;
- buflen -= n;
/* The qname can be abbreviated, but h_name is now absolute. */
qname = canonname;
}
haveanswer = 0;
had_error = 0;
while (ancount-- > 0 && cp < eom && !had_error) {
- n = dn_expand(answer->buf, eom, cp, bp, buflen);
+ n = dn_expand(answer->buf, eom, cp, bp, ep - bp);
if ((n < 0) || !(*name_ok)(bp)) {
had_error++;
continue;
@@ -1117,14 +1116,13 @@ getanswer(answer, anslen, qname, qtype, pai)
cp += n;
/* Get canonical name. */
n = strlen(tbuf) + 1; /* for the \0 */
- if (n > buflen || n >= MAXHOSTNAMELEN) {
+ if (n > ep - bp || n >= MAXHOSTNAMELEN) {
had_error++;
continue;
}
strcpy(bp, tbuf);
canonname = bp;
bp += n;
- buflen -= n;
continue;
}
if (qtype == T_ANY) {
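Review bot: The `strcpy(bp, tbuf)` in the canonical-name branch is safe only because of the `n > ep - bp` test a few lines earlier, so the copy and its bound are kept in sync by hand. Now that the remaining space is expressed as `ep - bp`, the copy could carry its own limit, e.g. `strlcpy(bp, tbuf, ep - bp);`, which keeps the destination size visible at the write itself. getanswer's body starts and ends outside this hunk.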
@@ -1164,7 +1162,6 @@ getanswer(answer, anslen, qname, qtype, pai)
canonname = bp;
nn = strlen(bp) + 1; /* for the \0 */
bp += nn;
- buflen -= nn;
}
/* don't overwrite pai */
diff --git a/lib/libc/net/res_mkquery.c b/lib/libc/net/res_mkquery.c
index e414b5060d9..6e57ec32178 100644
--- a/lib/libc/net/res_mkquery.c
+++ b/lib/libc/net/res_mkquery.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: res_mkquery.c,v 1.10 2001/07/31 22:02:18 jakob Exp $ */
+/* $OpenBSD: res_mkquery.c,v 1.11 2002/06/26 06:01:16 itojun Exp $ */
/*
* ++Copyright++ 1985, 1993
@@ -60,7 +60,7 @@
static char sccsid[] = "@(#)res_mkquery.c 8.1 (Berkeley) 6/4/93";
static char rcsid[] = "$From: res_mkquery.c,v 8.5 1996/08/27 08:33:28 vixie Exp $";
#else
-static char rcsid[] = "$OpenBSD: res_mkquery.c,v 1.10 2001/07/31 22:02:18 jakob Exp $";
+static char rcsid[] = "$OpenBSD: res_mkquery.c,v 1.11 2002/06/26 06:01:16 itojun Exp $";
#endif
#endif /* LIBC_SCCS and not lint */
@@ -91,7 +91,7 @@ res_mkquery(op, dname, class, type, data, datalen, newrr_in, buf, buflen)
int buflen; /* size of buffer */
{
register HEADER *hp;
- register u_char *cp;
+ register u_char *cp, *ep;
register int n;
u_char *dnptrs[20], **dpp, **lastdnptr;
@@ -122,7 +122,7 @@ res_mkquery(op, dname, class, type, data, datalen, newrr_in, buf, buflen)
hp->rd = (_res.options & RES_RECURSE) != 0;
hp->rcode = NOERROR;
cp = buf + HFIXEDSZ;
- buflen -= HFIXEDSZ;
+ ep = buf + buflen;
dpp = dnptrs;
*dpp++ = buf;
*dpp++ = NULL;
@@ -133,12 +133,12 @@ res_mkquery(op, dname, class, type, data, datalen, newrr_in, buf, buflen)
switch (op) {
case QUERY: /*FALLTHROUGH*/
case NS_NOTIFY_OP:
- if ((buflen -= QFIXEDSZ) < 0)
+ if (ep - cp < QFIXEDSZ)
return (-1);
- if ((n = dn_comp(dname, cp, buflen, dnptrs, lastdnptr)) < 0)
+ if ((n = dn_comp(dname, cp, ep - cp - QFIXEDSZ, dnptrs,
+ lastdnptr)) < 0)
return (-1);
cp += n;
- buflen -= n;
__putshort(type, cp);
cp += INT16SZ;
__putshort(class, cp);
@@ -149,12 +149,13 @@ res_mkquery(op, dname, class, type, data, datalen, newrr_in, buf, buflen)
/*
* Make an additional record for completion domain.
*/
- buflen -= RRFIXEDSZ;
- n = dn_comp((char *)data, cp, buflen, dnptrs, lastdnptr);
+ if (ep - cp < RRFIXEDSZ)
+ return (-1);
+ n = dn_comp((char *)data, cp, ep - cp - RRFIXEDSZ, dnptrs,
+ lastdnptr);
if (n < 0)
return (-1);
cp += n;
- buflen -= n;
__putshort(T_NULL, cp);
cp += INT16SZ;
__putshort(class, cp);
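Review bot: The reservation in `ep - cp - RRFIXEDSZ` is undocumented: nothing says that the subtracted bytes are held back for the fixed fields the `__putshort` calls write after the compressed name. A one-line comment above the new guard, such as `/* keep RRFIXEDSZ bytes free for the fixed RR fields written after the name */`, would make the invariant explicit, and the same applies to the `QFIXEDSZ` guard in the previous hunk. The removed lines subtracted `RRFIXEDSZ` without testing the result, so this path now rejects a short buffer where it did not before; the comment should say that the check is intentional. The enclosing switch case continues outside the hunk.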
@@ -170,7 +171,7 @@ res_mkquery(op, dname, class, type, data, datalen, newrr_in, buf, buflen)
/*
* Initialize answer section
*/
- if (buflen < 1 + RRFIXEDSZ + datalen)
+ if (ep - cp < 1 + RRFIXEDSZ + datalen)
return (-1);
*cp++ = '\0'; /* no domain name */
__putshort(type, cp);
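Review bot: The new bound `ep - cp < 1 + RRFIXEDSZ + datalen` does not reject a negative `datalen`; a negative value lowers the required space and passes the test. The parameter's declaration and any later copy of `data` lie outside the hunk, so this is inferred, but if `datalen` is a signed int the guard should read `if (datalen < 0 || ep - cp < 1 + RRFIXEDSZ + datalen)`. The res_opt hunk below has the same shape with `n0`: `cp = buf + n0` is formed before any range check, and `if (n0 < 0 || ep - cp < 1 + RRFIXEDSZ)` would cover it.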
@@ -203,17 +204,16 @@ res_opt(n0, buf, buflen, anslen)
int anslen; /* answer buffer length */
{
register HEADER *hp;
- register u_char *cp;
+ register u_char *cp, *ep;
hp = (HEADER *) buf;
cp = buf + n0;
- buflen -= n0;
+ ep = buf + buflen;
- if (buflen < 1 + RRFIXEDSZ)
+ if (ep - cp < 1 + RRFIXEDSZ)
return -1;
*cp++ = 0; /* "." */
- buflen--;
__putshort(T_OPT, cp); /* TYPE */
cp += INT16SZ;
@@ -235,7 +235,6 @@ res_opt(n0, buf, buflen, anslen)
__putshort(0, cp); /* RDLEN */
cp += INT16SZ;
hp->arcount = htons(ntohs(hp->arcount) + 1);
- buflen -= RRFIXEDSZ;
return cp - buf;
}