Attachment 8768 Details for Bug 18221 – file.diff

[patch] file.diff

file.diff (text/plain), 1.36 KB, created by john on 2000-04-26 06:30:02 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: john

Created: 2000-04-26 06:30:02 UTC

Size: 1.36 KB

patch

obsolete

>--- lib/libc/net/gethostbydns.c.orig	Sat Feb 26 11:55:47 2000
>+++ lib/libc/net/gethostbydns.c	Wed Mar  1 15:03:57 2000
>@@ -142,12 +142,7 @@
> 	} while (0)
> 
> #define BOUNDS_CHECK(ptr, count) \
>-	do { \
>-		if ((ptr) + (count) > eom) { \
>-			h_errno = NO_RECOVERY; \
>-			return (NULL); \
>-		} \
>-	} while (0)
>+	((ptr) + (count) > eom)
> 
> static struct hostent *
> gethostanswer(answer, anslen, qname, qtype)
>@@ -170,7 +165,7 @@
> 
> 	tname = qname;
> 	host.h_name = NULL;
>-	eom = answer->buf + anslen;
>+	eom = answer->buf + (anslen > MAXPACKET ? MAXPACKET : anslen);
> 	switch (qtype) {
> 	case T_A:
> 	case T_AAAA:
>@@ -235,7 +230,11 @@
> 			continue;
> 		}
> 		cp += n;			/* name */
>-		BOUNDS_CHECK(cp, 3 * INT16SZ + INT32SZ);
>+		if (BOUNDS_CHECK(cp, 3 * INT16SZ + INT32SZ))
>+		{
>+			had_error++;
>+			continue;
>+		}
> 		type = _getshort(cp);
>  		cp += INT16SZ;			/* type */
> 		class = _getshort(cp);
>@@ -245,7 +244,11 @@
> 		cp += INT32SZ;			/* TTL */
> 		n = _getshort(cp);
> 		cp += INT16SZ;			/* len */
>-		BOUNDS_CHECK(cp, n);
>+		if (BOUNDS_CHECK(cp, n))
>+		{
>+			had_error++;
>+			continue;
>+		}
> 		erdata = cp + n;
> 		if (class != C_IN) {
> 			/* XXX - debug? syslog? */
>@@ -666,7 +669,6 @@
> 	}
> 	if (n > sizeof buf.buf) {
> 		dprintf("static buffer is too small (%d)\n", n);
>-		return (NULL);
> 	}
> 	if (!(hp = gethostanswer(&buf, n, qbuf, T_PTR)))
> 		return (NULL);	/* h_errno was set by gethostanswer() */

Actions: View | Diff

Attachments on bug 18221: 8768