aboutsummaryrefslogtreecommitdiff
path: root/resolv
diff options
context:
space:
mode:
Diffstat (limited to 'resolv')
-rw-r--r--resolv/Banner2
-rw-r--r--resolv/base64.c10
-rw-r--r--resolv/gethnamaddr.c44
-rw-r--r--resolv/inet_net_pton.c2
-rw-r--r--resolv/nss_dns/dns-host.c32
-rw-r--r--resolv/res_comp.c7
-rw-r--r--resolv/res_debug.c49
-rw-r--r--resolv/res_init.c2
-rw-r--r--resolv/res_send.c5
9 files changed, 104 insertions, 49 deletions
diff --git a/resolv/Banner b/resolv/Banner
index d11ab50..a792533 100644
--- a/resolv/Banner
+++ b/resolv/Banner
@@ -1 +1 @@
-BIND-4.9.5-P1
+BIND-4.9.6-T1A
diff --git a/resolv/base64.c b/resolv/base64.c
index 5d9eb6e..4e7e2a0 100644
--- a/resolv/base64.c
+++ b/resolv/base64.c
@@ -281,7 +281,12 @@ b64_pton(src, target, targsize)
case 2: /* Valid, means one byte of info */
/* Skip any number of spaces. */
+#ifdef _LIBC
+ /* To avoid warnings. */
for ( ; ch != '\0'; ch = *src++)
+#else
+ for (NULL; ch != '\0'; ch = *src++)
+#endif
if (!isspace(ch))
break;
/* Make sure there is another trailing = sign. */
@@ -296,7 +301,12 @@ b64_pton(src, target, targsize)
* We know this char is an =. Is there anything but
* whitespace after it?
*/
+#ifdef _LIBC
+ /* To avoid warnings. */
for ( ; ch != '\0'; ch = *src++)
+#else
+ for (NULL; ch != '\0'; ch = *src++)
+#endif
if (!isspace(ch))
return (-1);
diff --git a/resolv/gethnamaddr.c b/resolv/gethnamaddr.c
index 114875b..f2def79 100644
--- a/resolv/gethnamaddr.c
+++ b/resolv/gethnamaddr.c
@@ -212,6 +212,10 @@ getanswer(answer, anslen, qname, qtype)
* (i.e., with the succeeding search-domain tacked on).
*/
n = strlen(bp) + 1; /* for the \0 */
+ if (n >= MAXHOSTNAMELEN) {
+ __set_h_errno (NO_RECOVERY);
+ return (NULL);
+ }
host.h_name = bp;
bp += n;
buflen -= n;
@@ -256,11 +260,15 @@ getanswer(answer, anslen, qname, qtype)
/* Store alias. */
*ap++ = bp;
n = strlen(bp) + 1; /* for the \0 */
+ if (n >= MAXHOSTNAMELEN) {
+ had_error++;
+ continue;
+ }
bp += n;
buflen -= n;
/* Get canonical name. */
n = strlen(tbuf) + 1; /* for the \0 */
- if (n > buflen) {
+ if (n > buflen || n >= MAXHOSTNAMELEN) {
had_error++;
continue;
}
@@ -272,14 +280,14 @@ getanswer(answer, anslen, qname, qtype)
}
if (qtype == T_PTR && type == T_CNAME) {
n = dn_expand(answer->buf, eom, cp, tbuf, sizeof tbuf);
- if ((n < 0) || !res_hnok(tbuf)) {
+ if (n < 0 || !res_hnok(tbuf)) {
had_error++;
continue;
}
cp += n;
/* Get canonical name. */
n = strlen(tbuf) + 1; /* for the \0 */
- if (n > buflen) {
+ if (n > buflen || n >= MAXHOSTNAMELEN) {
had_error++;
continue;
}
@@ -320,6 +328,10 @@ getanswer(answer, anslen, qname, qtype)
n = -1;
if (n != -1) {
n = strlen(bp) + 1; /* for the \0 */
+ if (n >= MAXHOSTNAMELEN) {
+ had_error++;
+ break;
+ }
bp += n;
buflen -= n;
}
@@ -328,6 +340,10 @@ getanswer(answer, anslen, qname, qtype)
host.h_name = bp;
if (_res.options & RES_USE_INET6) {
n = strlen(bp) + 1; /* for the \0 */
+ if (n >= MAXHOSTNAMELEN) {
+ had_error++;
+ break;
+ }
bp += n;
buflen -= n;
map_v4v6_hostent(&host, &bp, &buflen);
@@ -395,8 +411,8 @@ getanswer(answer, anslen, qname, qtype)
# endif /*RESOLVSORT*/
if (!host.h_name) {
n = strlen(qname) + 1; /* for the \0 */
- if (n > buflen)
- goto try_again;
+ if (n > buflen || n >= MAXHOSTNAMELEN)
+ goto no_recovery;
strcpy(bp, qname);
host.h_name = bp;
bp += n;
@@ -407,8 +423,8 @@ getanswer(answer, anslen, qname, qtype)
__set_h_errno (NETDB_SUCCESS);
return (&host);
}
- try_again:
- __set_h_errno (TRY_AGAIN);
+ no_recovery:
+ __set_h_errno (NO_RECOVERY);
return (NULL);
}
@@ -508,13 +524,12 @@ gethostbyname2(name, af)
if (!isdigit(*cp) && *cp != '.')
break;
}
- if (isxdigit(name[0]) || name[0] == ':')
+ if ((isxdigit(name[0]) && strchr(name, ':') != NULL) ||
+ name[0] == ':')
for (cp = name;; ++cp) {
if (!*cp) {
if (*--cp == '.')
break;
- if (!strchr(name, ':'))
- break;
/*
* All-IPv6-legal, no dot at the end.
* Fake up a hostent as if we'd actually
@@ -719,8 +734,7 @@ _gethtent()
if (!(cp = strpbrk(p, " \t")))
goto again;
*cp++ = '\0';
- if ((_res.options & RES_USE_INET6) &&
- inet_pton(AF_INET6, p, host_addr) > 0) {
+ if (inet_pton(AF_INET6, p, host_addr) > 0) {
af = AF_INET6;
len = IN6ADDRSZ;
} else if (inet_pton(AF_INET, p, host_addr) > 0) {
@@ -757,12 +771,6 @@ _gethtent()
*cp++ = '\0';
}
*q = NULL;
- if (_res.options & RES_USE_INET6) {
- char *bp = hostbuf;
- int buflen = sizeof hostbuf;
-
- map_v4v6_hostent(&host, &bp, &buflen);
- }
__set_h_errno (NETDB_SUCCESS);
return (&host);
}
diff --git a/resolv/inet_net_pton.c b/resolv/inet_net_pton.c
index 0c26931..bf6fe02 100644
--- a/resolv/inet_net_pton.c
+++ b/resolv/inet_net_pton.c
@@ -166,7 +166,7 @@ inet_net_pton_ipv4(src, dst, size)
goto emsgsize;
}
- /* Fiery death and destruction unless we prefetched EOS. */
+ /* Firey death and destruction unless we prefetched EOS. */
if (ch != '\0')
goto enoent;
diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c
index 65a668e..19ca33e 100644
--- a/resolv/nss_dns/dns-host.c
+++ b/resolv/nss_dns/dns-host.c
@@ -342,6 +342,11 @@ getanswer_r (const querybuf *answer, int anslen, const char *qname, int qtype,
* (i.e., with the succeeding search-domain tacked on).
*/
n = strlen (bp) + 1; /* for the \0 */
+ if (n >= MAXHOSTNAMELEN)
+ {
+ __set_h_errno (NO_RECOVERY);
+ return NSS_STATUS_TRYAGAIN;
+ }
result->h_name = bp;
bp += n;
linebuflen -= n;
@@ -396,11 +401,16 @@ getanswer_r (const querybuf *answer, int anslen, const char *qname, int qtype,
/* Store alias. */
*ap++ = bp;
n = strlen (bp) + 1; /* For the \0. */
+ if (n >= MAXHOSTNAMELEN)
+ {
+ ++had_error;
+ continue;
+ }
bp += n;
linebuflen -= n;
/* Get canonical name. */
n = strlen (tbuf) + 1; /* For the \0. */
- if ((size_t) n > buflen)
+ if ((size_t) n > buflen || n >= MAXHOSTNAMELEN)
{
++had_error;
continue;
@@ -423,7 +433,7 @@ getanswer_r (const querybuf *answer, int anslen, const char *qname, int qtype,
cp += n;
/* Get canonical name. */
n = strlen (tbuf) + 1; /* For the \0. */
- if ((size_t) n > buflen)
+ if ((size_t) n > buflen || n >= MAXHOSTNAMELEN)
{
++had_error;
continue;
@@ -469,6 +479,11 @@ getanswer_r (const querybuf *answer, int anslen, const char *qname, int qtype,
if (n != -1)
{
n = strlen (bp) + 1; /* for the \0 */
+ if (n >= MAXHOSTNAMELEN)
+ {
+ ++had_error;
+ break;
+ }
bp += n;
linebuflen -= n;
}
@@ -478,6 +493,11 @@ getanswer_r (const querybuf *answer, int anslen, const char *qname, int qtype,
if (_res.options & RES_USE_INET6)
{
n = strlen (bp) + 1; /* for the \0 */
+ if (n >= MAXHOSTNAMELEN)
+ {
+ ++had_error;
+ break;
+ }
bp += n;
linebuflen -= n;
map_v4v6_hostent (result, &bp, &linebuflen);
@@ -549,8 +569,8 @@ getanswer_r (const querybuf *answer, int anslen, const char *qname, int qtype,
if (result->h_name == NULL)
{
n = strlen (qname) + 1; /* For the \0. */
- if (n > linebuflen)
- goto try_again;
+ if (n > linebuflen || n >= MAXHOSTNAMELEN)
+ goto no_recovery;
strcpy (bp, qname); /* Cannot overflow. */
result->h_name = bp;
bp += n;
@@ -562,7 +582,7 @@ getanswer_r (const querybuf *answer, int anslen, const char *qname, int qtype,
*h_errnop = NETDB_SUCCESS;
return NSS_STATUS_SUCCESS;
}
-try_again:
- *h_errnop = TRY_AGAIN;
+ no_recovery:
+ *h_errnop = NO_RECOVERY;
return NSS_STATUS_TRYAGAIN;
}
diff --git a/resolv/res_comp.c b/resolv/res_comp.c
index a9ca69e..ed4bcdc 100644
--- a/resolv/res_comp.c
+++ b/resolv/res_comp.c
@@ -94,7 +94,7 @@ dn_expand(msg, eomorig, comp_dn, exp_dn, length)
register char *dn;
register int n, c;
char *eom;
- int len = -1, checked = 0;
+ int len = -1, checked = 0, octets = 0;
dn = exp_dn;
cp = comp_dn;
@@ -108,6 +108,9 @@ dn_expand(msg, eomorig, comp_dn, exp_dn, length)
*/
switch (n & INDIR_MASK) {
case 0:
+ octets += (n + 1);
+ if (octets > MAXCDNAME)
+ return (-1);
if (dn != exp_dn) {
if (dn >= eom)
return (-1);
@@ -179,6 +182,8 @@ dn_comp(exp_dn, comp_dn, length, dnptrs, lastdnptr)
dn = (u_char *)exp_dn;
cp = comp_dn;
+ if (length > MAXCDNAME)
+ length = MAXCDNAME;
eob = cp + length;
lpp = cpp = NULL;
if (dnptrs != NULL) {
diff --git a/resolv/res_debug.c b/resolv/res_debug.c
index fa2ca80..3afe8c2 100644
--- a/resolv/res_debug.c
+++ b/resolv/res_debug.c
@@ -1146,40 +1146,47 @@ static u_int8_t
precsize_aton(strptr)
char **strptr;
{
- unsigned int mval = 0, cmval = 0;
u_int8_t retval = 0;
- register char *cp;
- register int exponent;
- register int mantissa;
+ char *cp;
+ int exponent = 0;
+ int mantissa = 0;
cp = *strptr;
+ while (isdigit(*cp)) {
+ if (mantissa == 0)
+ mantissa = *cp - '0';
+ else
+ exponent++;
+ cp++;
+ }
- while (isdigit(*cp))
- mval = mval * 10 + (*cp++ - '0');
-
- if (*cp == '.') { /* centimeters */
+ if (*cp == '.') {
cp++;
if (isdigit(*cp)) {
- cmval = (*cp++ - '0') * 10;
+ if (mantissa == 0)
+ mantissa = *cp - '0';
+ else
+ exponent++;
+ cp++;
+
if (isdigit(*cp)) {
- cmval += (*cp++ - '0');
+ if (mantissa == 0)
+ mantissa = *cp - '0';
+ else
+ exponent++;
+ cp++;
}
+ else
+ exponent++;
}
}
- cmval = (mval * 100) + cmval;
-
- for (exponent = 0; exponent < 9; exponent++)
- if (cmval < poweroften[exponent+1])
- break;
-
- mantissa = cmval / poweroften[exponent];
- if (mantissa > 9)
- mantissa = 9;
+ else
+ exponent += 2;
+ if (mantissa == 0)
+ exponent = 0;
retval = (mantissa << 4) | exponent;
-
*strptr = cp;
-
return (retval);
}
diff --git a/resolv/res_init.c b/resolv/res_init.c
index 91f9f40..755b88d 100644
--- a/resolv/res_init.c
+++ b/resolv/res_init.c
@@ -159,7 +159,7 @@ res_init()
register FILE *fp;
register char *cp, **pp;
register int n;
- char buf[BUFSIZ];
+ char buf[MAXDNAME];
int nserv = 0; /* number of nameserver records read from file */
int haveenv = 0;
int havesearch = 0;
diff --git a/resolv/res_send.c b/resolv/res_send.c
index 60d8ef2..cde6a84 100644
--- a/resolv/res_send.c
+++ b/resolv/res_send.c
@@ -601,6 +601,11 @@ read_len:
if ((long) timeout.tv_sec <= 0)
timeout.tv_sec = 1;
timeout.tv_usec = 0;
+ if (s+1 > FD_SETSIZE) {
+ Perror(stderr, "s+1 > FD_SETSIZE", EMFILE);
+ res_close();
+ goto next_ns;
+ }
wait:
FD_ZERO(&dsmask);
FD_SET(s, &dsmask);