diff options
| author | millert <> | 2002-06-26 06:02:54 +0000 |
|---|---|---|
| committer | millert <> | 2002-06-26 06:02:54 +0000 |
| commit | 0375e51a80c9a3f6ac5804f1c784f90c8ed7a3c3 (patch) | |
| tree | 43e53dffa1d2cd6a3c60bdedf574cd5ad04efb78 | |
| parent | 0461b1f9f162975928c9fe60e016b7281276fb0f (diff) | |
| download | openbsd-OPENBSD_2_9.tar.gz openbsd-OPENBSD_2_9.tar.bz2 openbsd-OPENBSD_2_9.zip | |
avoid remote buffer overrun on hostbuf[]. From: Joost Pol <joost@pine.nl>OPENBSD_2_9
correct bad practice in the code - it uses two changing variables
to manage buffer (buf and buflen). we eliminate buflen and use
fixed point (ep) as the ending pointer. From: itojun
this fix is critical.
| -rw-r--r-- | src/lib/libc/net/gethostnamadr.c | 57 | ||||
| -rw-r--r-- | src/lib/libc/net/getnetnamadr.c | 19 |
2 files changed, 33 insertions, 43 deletions
diff --git a/src/lib/libc/net/gethostnamadr.c b/src/lib/libc/net/gethostnamadr.c index 33c9643f70..c3381a73d0 100644 --- a/src/lib/libc/net/gethostnamadr.c +++ b/src/lib/libc/net/gethostnamadr.c | |||
| @@ -52,7 +52,7 @@ | |||
| 52 | */ | 52 | */ |
| 53 | 53 | ||
| 54 | #if defined(LIBC_SCCS) && !defined(lint) | 54 | #if defined(LIBC_SCCS) && !defined(lint) |
| 55 | static char rcsid[] = "$OpenBSD: gethostnamadr.c,v 1.42 2000/07/30 14:07:14 itojun Exp $"; | 55 | static char rcsid[] = "$OpenBSD: gethostnamadr.c,v 1.42.4.1 2002/06/26 06:02:54 millert Exp $"; |
| 56 | #endif /* LIBC_SCCS and not lint */ | 56 | #endif /* LIBC_SCCS and not lint */ |
| 57 | 57 | ||
| 58 | #include <sys/param.h> | 58 | #include <sys/param.h> |
| @@ -99,7 +99,7 @@ static FILE *hostf = NULL; | |||
| 99 | static int stayopen = 0; | 99 | static int stayopen = 0; |
| 100 | 100 | ||
| 101 | static void map_v4v6_address __P((const char *src, char *dst)); | 101 | static void map_v4v6_address __P((const char *src, char *dst)); |
| 102 | static void map_v4v6_hostent __P((struct hostent *hp, char **bp, int *len)); | 102 | static void map_v4v6_hostent __P((struct hostent *hp, char **bp, char *)); |
| 103 | 103 | ||
| 104 | #ifdef RESOLVSORT | 104 | #ifdef RESOLVSORT |
| 105 | static void addrsort __P((char **, int)); | 105 | static void addrsort __P((char **, int)); |
| @@ -169,8 +169,8 @@ getanswer(answer, anslen, qname, qtype) | |||
| 169 | register const u_char *cp; | 169 | register const u_char *cp; |
| 170 | register int n; | 170 | register int n; |
| 171 | const u_char *eom; | 171 | const u_char *eom; |
| 172 | char *bp, **ap, **hap; | 172 | char *bp, **ap, **hap, *ep; |
| 173 | int type, class, buflen, ancount, qdcount; | 173 | int type, class, ancount, qdcount; |
| 174 | int haveanswer, had_error; | 174 | int haveanswer, had_error; |
| 175 | int toobig = 0; | 175 | int toobig = 0; |
| 176 | char tbuf[MAXDNAME]; | 176 | char tbuf[MAXDNAME]; |
| @@ -204,13 +204,13 @@ getanswer(answer, anslen, qname, qtype) | |||
| 204 | ancount = ntohs(hp->ancount); | 204 | ancount = ntohs(hp->ancount); |
| 205 | qdcount = ntohs(hp->qdcount); | 205 | qdcount = ntohs(hp->qdcount); |
| 206 | bp = hostbuf; | 206 | bp = hostbuf; |
| 207 | buflen = sizeof hostbuf; | 207 | ep = hostbuf + sizeof hostbuf; |
| 208 | cp = answer->buf + HFIXEDSZ; | 208 | cp = answer->buf + HFIXEDSZ; |
| 209 | if (qdcount != 1) { | 209 | if (qdcount != 1) { |
| 210 | h_errno = NO_RECOVERY; | 210 | h_errno = NO_RECOVERY; |
| 211 | return (NULL); | 211 | return (NULL); |
| 212 | } | 212 | } |
| 213 | n = dn_expand(answer->buf, eom, cp, bp, buflen); | 213 | n = dn_expand(answer->buf, eom, cp, bp, ep - bp); |
| 214 | if ((n < 0) || !(*name_ok)(bp)) { | 214 | if ((n < 0) || !(*name_ok)(bp)) { |
| 215 | h_errno = NO_RECOVERY; | 215 | h_errno = NO_RECOVERY; |
| 216 | return (NULL); | 216 | return (NULL); |
| @@ -224,7 +224,6 @@ getanswer(answer, anslen, qname, qtype) | |||
| 224 | n = strlen(bp) + 1; /* for the \0 */ | 224 | n = strlen(bp) + 1; /* for the \0 */ |
| 225 | host.h_name = bp; | 225 | host.h_name = bp; |
| 226 | bp += n; | 226 | bp += n; |
| 227 | buflen -= n; | ||
| 228 | /* The qname can be abbreviated, but h_name is now absolute. */ | 227 | /* The qname can be abbreviated, but h_name is now absolute. */ |
| 229 | qname = host.h_name; | 228 | qname = host.h_name; |
| 230 | } | 229 | } |
| @@ -237,7 +236,7 @@ getanswer(answer, anslen, qname, qtype) | |||
| 237 | haveanswer = 0; | 236 | haveanswer = 0; |
| 238 | had_error = 0; | 237 | had_error = 0; |
| 239 | while (ancount-- > 0 && cp < eom && !had_error) { | 238 | while (ancount-- > 0 && cp < eom && !had_error) { |
| 240 | n = dn_expand(answer->buf, eom, cp, bp, buflen); | 239 | n = dn_expand(answer->buf, eom, cp, bp, ep - bp); |
| 241 | if ((n < 0) || !(*name_ok)(bp)) { | 240 | if ((n < 0) || !(*name_ok)(bp)) { |
| 242 | had_error++; | 241 | had_error++; |
| 243 | continue; | 242 | continue; |
| @@ -272,17 +271,15 @@ getanswer(answer, anslen, qname, qtype) | |||
| 272 | *ap++ = bp; | 271 | *ap++ = bp; |
| 273 | n = strlen(bp) + 1; /* for the \0 */ | 272 | n = strlen(bp) + 1; /* for the \0 */ |
| 274 | bp += n; | 273 | bp += n; |
| 275 | buflen -= n; | ||
| 276 | /* Get canonical name. */ | 274 | /* Get canonical name. */ |
| 277 | n = strlen(tbuf) + 1; /* for the \0 */ | 275 | n = strlen(tbuf) + 1; /* for the \0 */ |
| 278 | if (n > buflen) { | 276 | if (n > ep - bp) { |
| 279 | had_error++; | 277 | had_error++; |
| 280 | continue; | 278 | continue; |
| 281 | } | 279 | } |
| 282 | strcpy(bp, tbuf); | 280 | strcpy(bp, tbuf); |
| 283 | host.h_name = bp; | 281 | host.h_name = bp; |
| 284 | bp += n; | 282 | bp += n; |
| 285 | buflen -= n; | ||
| 286 | continue; | 283 | continue; |
| 287 | } | 284 | } |
| 288 | if (qtype == T_PTR && type == T_CNAME) { | 285 | if (qtype == T_PTR && type == T_CNAME) { |
| @@ -298,14 +295,13 @@ getanswer(answer, anslen, qname, qtype) | |||
| 298 | cp += n; | 295 | cp += n; |
| 299 | /* Get canonical name. */ | 296 | /* Get canonical name. */ |
| 300 | n = strlen(tbuf) + 1; /* for the \0 */ | 297 | n = strlen(tbuf) + 1; /* for the \0 */ |
| 301 | if (n > buflen) { | 298 | if (n > ep - bp) { |
| 302 | had_error++; | 299 | had_error++; |
| 303 | continue; | 300 | continue; |
| 304 | } | 301 | } |
| 305 | strcpy(bp, tbuf); | 302 | strcpy(bp, tbuf); |
| 306 | tname = bp; | 303 | tname = bp; |
| 307 | bp += n; | 304 | bp += n; |
| 308 | buflen -= n; | ||
| 309 | continue; | 305 | continue; |
| 310 | } | 306 | } |
| 311 | if (type != qtype) { | 307 | if (type != qtype) { |
| @@ -324,7 +320,7 @@ getanswer(answer, anslen, qname, qtype) | |||
| 324 | cp += n; | 320 | cp += n; |
| 325 | continue; /* XXX - had_error++ ? */ | 321 | continue; /* XXX - had_error++ ? */ |
| 326 | } | 322 | } |
| 327 | n = dn_expand(answer->buf, eom, cp, bp, buflen); | 323 | n = dn_expand(answer->buf, eom, cp, bp, ep - bp); |
| 328 | #ifdef USE_RESOLV_NAME_OK | 324 | #ifdef USE_RESOLV_NAME_OK |
| 329 | if ((n < 0) || !res_hnok(bp)) { | 325 | if ((n < 0) || !res_hnok(bp)) { |
| 330 | #else | 326 | #else |
| @@ -344,7 +340,6 @@ getanswer(answer, anslen, qname, qtype) | |||
| 344 | if (n != -1) { | 340 | if (n != -1) { |
| 345 | n = strlen(bp) + 1; /* for the \0 */ | 341 | n = strlen(bp) + 1; /* for the \0 */ |
| 346 | bp += n; | 342 | bp += n; |
| 347 | buflen -= n; | ||
| 348 | } | 343 | } |
| 349 | break; | 344 | break; |
| 350 | #else | 345 | #else |
| @@ -352,8 +347,7 @@ getanswer(answer, anslen, qname, qtype) | |||
| 352 | if (_res.options & RES_USE_INET6) { | 347 | if (_res.options & RES_USE_INET6) { |
| 353 | n = strlen(bp) + 1; /* for the \0 */ | 348 | n = strlen(bp) + 1; /* for the \0 */ |
| 354 | bp += n; | 349 | bp += n; |
| 355 | buflen -= n; | 350 | map_v4v6_hostent(&host, &bp, ep); |
| 356 | map_v4v6_hostent(&host, &bp, &buflen); | ||
| 357 | } | 351 | } |
| 358 | h_errno = NETDB_SUCCESS; | 352 | h_errno = NETDB_SUCCESS; |
| 359 | return (&host); | 353 | return (&host); |
| @@ -376,7 +370,6 @@ getanswer(answer, anslen, qname, qtype) | |||
| 376 | host.h_name = bp; | 370 | host.h_name = bp; |
| 377 | nn = strlen(bp) + 1; /* for the \0 */ | 371 | nn = strlen(bp) + 1; /* for the \0 */ |
| 378 | bp += nn; | 372 | bp += nn; |
| 379 | buflen -= nn; | ||
| 380 | } | 373 | } |
| 381 | 374 | ||
| 382 | bp += sizeof(align) - ((u_long)bp % sizeof(align)); | 375 | bp += sizeof(align) - ((u_long)bp % sizeof(align)); |
| @@ -400,7 +393,6 @@ getanswer(answer, anslen, qname, qtype) | |||
| 400 | } | 393 | } |
| 401 | bcopy(cp, *hap++ = bp, n); | 394 | bcopy(cp, *hap++ = bp, n); |
| 402 | bp += n; | 395 | bp += n; |
| 403 | buflen -= n; | ||
| 404 | cp += n; | 396 | cp += n; |
| 405 | break; | 397 | break; |
| 406 | } | 398 | } |
| @@ -421,15 +413,14 @@ getanswer(answer, anslen, qname, qtype) | |||
| 421 | # endif /*RESOLVSORT*/ | 413 | # endif /*RESOLVSORT*/ |
| 422 | if (!host.h_name) { | 414 | if (!host.h_name) { |
| 423 | n = strlen(qname) + 1; /* for the \0 */ | 415 | n = strlen(qname) + 1; /* for the \0 */ |
| 424 | if (n > buflen) | 416 | if (n > ep - bp) |
| 425 | goto try_again; | 417 | goto try_again; |
| 426 | strcpy(bp, qname); | 418 | strcpy(bp, qname); |
| 427 | host.h_name = bp; | 419 | host.h_name = bp; |
| 428 | bp += n; | 420 | bp += n; |
| 429 | buflen -= n; | ||
| 430 | } | 421 | } |
| 431 | if (_res.options & RES_USE_INET6) | 422 | if (_res.options & RES_USE_INET6) |
| 432 | map_v4v6_hostent(&host, &bp, &buflen); | 423 | map_v4v6_hostent(&host, &bp, ep); |
| 433 | h_errno = NETDB_SUCCESS; | 424 | h_errno = NETDB_SUCCESS; |
| 434 | return (&host); | 425 | return (&host); |
| 435 | } | 426 | } |
| @@ -521,8 +512,8 @@ gethostbyname2(name, af) | |||
| 521 | { | 512 | { |
| 522 | querybuf buf; | 513 | querybuf buf; |
| 523 | register const char *cp; | 514 | register const char *cp; |
| 524 | char *bp; | 515 | char *bp, *ep; |
| 525 | int n, size, type, len, i; | 516 | int n, size, type, i; |
| 526 | extern struct hostent *_gethtbyname2(), *_yp_gethtbyname(); | 517 | extern struct hostent *_gethtbyname2(), *_yp_gethtbyname(); |
| 527 | register struct hostent *hp; | 518 | register struct hostent *hp; |
| 528 | char lookups[MAXDNSLUS]; | 519 | char lookups[MAXDNSLUS]; |
| @@ -577,7 +568,7 @@ gethostbyname2(name, af) | |||
| 577 | strncpy(hostbuf, name, MAXHOSTNAMELEN-1); | 568 | strncpy(hostbuf, name, MAXHOSTNAMELEN-1); |
| 578 | hostbuf[MAXHOSTNAMELEN-1] = '\0'; | 569 | hostbuf[MAXHOSTNAMELEN-1] = '\0'; |
| 579 | bp = hostbuf + MAXHOSTNAMELEN; | 570 | bp = hostbuf + MAXHOSTNAMELEN; |
| 580 | len = sizeof hostbuf - MAXHOSTNAMELEN; | 571 | ep = hostbuf + sizeof(hostbuf); |
| 581 | host.h_name = hostbuf; | 572 | host.h_name = hostbuf; |
| 582 | host.h_aliases = host_aliases; | 573 | host.h_aliases = host_aliases; |
| 583 | host_aliases[0] = NULL; | 574 | host_aliases[0] = NULL; |
| @@ -585,7 +576,7 @@ gethostbyname2(name, af) | |||
| 585 | h_addr_ptrs[1] = NULL; | 576 | h_addr_ptrs[1] = NULL; |
| 586 | host.h_addr_list = h_addr_ptrs; | 577 | host.h_addr_list = h_addr_ptrs; |
| 587 | if (_res.options & RES_USE_INET6) | 578 | if (_res.options & RES_USE_INET6) |
| 588 | map_v4v6_hostent(&host, &bp, &len); | 579 | map_v4v6_hostent(&host, &bp, ep); |
| 589 | h_errno = NETDB_SUCCESS; | 580 | h_errno = NETDB_SUCCESS; |
| 590 | return (&host); | 581 | return (&host); |
| 591 | } | 582 | } |
| @@ -610,7 +601,7 @@ gethostbyname2(name, af) | |||
| 610 | strncpy(hostbuf, name, MAXHOSTNAMELEN-1); | 601 | strncpy(hostbuf, name, MAXHOSTNAMELEN-1); |
| 611 | hostbuf[MAXHOSTNAMELEN-1] = '\0'; | 602 | hostbuf[MAXHOSTNAMELEN-1] = '\0'; |
| 612 | bp = hostbuf + MAXHOSTNAMELEN; | 603 | bp = hostbuf + MAXHOSTNAMELEN; |
| 613 | len = sizeof hostbuf - MAXHOSTNAMELEN; | 604 | ep = hostbuf + sizeof(hostbuf); |
| 614 | host.h_name = hostbuf; | 605 | host.h_name = hostbuf; |
| 615 | host.h_aliases = host_aliases; | 606 | host.h_aliases = host_aliases; |
| 616 | host_aliases[0] = NULL; | 607 | host_aliases[0] = NULL; |
| @@ -869,9 +860,9 @@ _gethtent() | |||
| 869 | *q = NULL; | 860 | *q = NULL; |
| 870 | if (_res.options & RES_USE_INET6) { | 861 | if (_res.options & RES_USE_INET6) { |
| 871 | char *bp = hostbuf; | 862 | char *bp = hostbuf; |
| 872 | int buflen = sizeof hostbuf; | 863 | char *ep = hostbuf + sizeof hostbuf; |
| 873 | 864 | ||
| 874 | map_v4v6_hostent(&host, &bp, &buflen); | 865 | map_v4v6_hostent(&host, &bp, ep); |
| 875 | } | 866 | } |
| 876 | h_errno = NETDB_SUCCESS; | 867 | h_errno = NETDB_SUCCESS; |
| 877 | return (&host); | 868 | return (&host); |
| @@ -1087,10 +1078,10 @@ map_v4v6_address(src, dst) | |||
| 1087 | } | 1078 | } |
| 1088 | 1079 | ||
| 1089 | static void | 1080 | static void |
| 1090 | map_v4v6_hostent(hp, bpp, lenp) | 1081 | map_v4v6_hostent(hp, bpp, ep) |
| 1091 | struct hostent *hp; | 1082 | struct hostent *hp; |
| 1092 | char **bpp; | 1083 | char **bpp; |
| 1093 | int *lenp; | 1084 | char *ep; |
| 1094 | { | 1085 | { |
| 1095 | char **ap; | 1086 | char **ap; |
| 1096 | 1087 | ||
| @@ -1101,17 +1092,15 @@ map_v4v6_hostent(hp, bpp, lenp) | |||
| 1101 | for (ap = hp->h_addr_list; *ap; ap++) { | 1092 | for (ap = hp->h_addr_list; *ap; ap++) { |
| 1102 | int i = sizeof(align) - ((u_long)*bpp % sizeof(align)); | 1093 | int i = sizeof(align) - ((u_long)*bpp % sizeof(align)); |
| 1103 | 1094 | ||
| 1104 | if (*lenp < (i + IN6ADDRSZ)) { | 1095 | if (ep - *bpp < (i + IN6ADDRSZ)) { |
| 1105 | /* Out of memory. Truncate address list here. XXX */ | 1096 | /* Out of memory. Truncate address list here. XXX */ |
| 1106 | *ap = NULL; | 1097 | *ap = NULL; |
| 1107 | return; | 1098 | return; |
| 1108 | } | 1099 | } |
| 1109 | *bpp += i; | 1100 | *bpp += i; |
| 1110 | *lenp -= i; | ||
| 1111 | map_v4v6_address(*ap, *bpp); | 1101 | map_v4v6_address(*ap, *bpp); |
| 1112 | *ap = *bpp; | 1102 | *ap = *bpp; |
| 1113 | *bpp += IN6ADDRSZ; | 1103 | *bpp += IN6ADDRSZ; |
| 1114 | *lenp -= IN6ADDRSZ; | ||
| 1115 | } | 1104 | } |
| 1116 | } | 1105 | } |
| 1117 | 1106 | ||
diff --git a/src/lib/libc/net/getnetnamadr.c b/src/lib/libc/net/getnetnamadr.c index 0ebc77b656..522332d9b0 100644 --- a/src/lib/libc/net/getnetnamadr.c +++ b/src/lib/libc/net/getnetnamadr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: getnetnamadr.c,v 1.13 1999/06/04 06:38:10 niklas Exp $ */ | 1 | /* $OpenBSD: getnetnamadr.c,v 1.13.8.1 2002/06/26 06:02:54 millert Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Copyright (c) 1997, Jason Downs. All rights reserved. | 4 | * Copyright (c) 1997, Jason Downs. All rights reserved. |
| @@ -77,7 +77,7 @@ static char sccsid[] = "@(#)getnetbyaddr.c 8.1 (Berkeley) 6/4/93"; | |||
| 77 | static char sccsid_[] = "from getnetnamadr.c 1.4 (Coimbra) 93/06/03"; | 77 | static char sccsid_[] = "from getnetnamadr.c 1.4 (Coimbra) 93/06/03"; |
| 78 | static char rcsid[] = "$From: getnetnamadr.c,v 8.7 1996/08/05 08:31:35 vixie Exp $"; | 78 | static char rcsid[] = "$From: getnetnamadr.c,v 8.7 1996/08/05 08:31:35 vixie Exp $"; |
| 79 | #else | 79 | #else |
| 80 | static char rcsid[] = "$OpenBSD: getnetnamadr.c,v 1.13 1999/06/04 06:38:10 niklas Exp $"; | 80 | static char rcsid[] = "$OpenBSD: getnetnamadr.c,v 1.13.8.1 2002/06/26 06:02:54 millert Exp $"; |
| 81 | #endif | 81 | #endif |
| 82 | #endif /* LIBC_SCCS and not lint */ | 82 | #endif /* LIBC_SCCS and not lint */ |
| 83 | 83 | ||
| @@ -133,9 +133,9 @@ getnetanswer(answer, anslen, net_i) | |||
| 133 | register u_char *cp; | 133 | register u_char *cp; |
| 134 | register int n; | 134 | register int n; |
| 135 | u_char *eom; | 135 | u_char *eom; |
| 136 | int type, class, buflen, ancount, qdcount, haveanswer, i, nchar; | 136 | int type, class, ancount, qdcount, haveanswer, i, nchar; |
| 137 | char aux1[MAXHOSTNAMELEN], aux2[MAXHOSTNAMELEN], ans[MAXHOSTNAMELEN]; | 137 | char aux1[MAXHOSTNAMELEN], aux2[MAXHOSTNAMELEN], ans[MAXHOSTNAMELEN]; |
| 138 | char *in, *st, *pauxt, *bp, **ap; | 138 | char *in, *st, *pauxt, *bp, **ap, *ep; |
| 139 | char *paux1 = &aux1[0], *paux2 = &aux2[0], flag = 0; | 139 | char *paux1 = &aux1[0], *paux2 = &aux2[0], flag = 0; |
| 140 | static struct netent net_entry; | 140 | static struct netent net_entry; |
| 141 | static char *net_aliases[MAXALIASES], netbuf[BUFSIZ+1]; | 141 | static char *net_aliases[MAXALIASES], netbuf[BUFSIZ+1]; |
| @@ -159,7 +159,7 @@ getnetanswer(answer, anslen, net_i) | |||
| 159 | ancount = ntohs(hp->ancount); /* #/records in the answer section */ | 159 | ancount = ntohs(hp->ancount); /* #/records in the answer section */ |
| 160 | qdcount = ntohs(hp->qdcount); /* #/entries in the question section */ | 160 | qdcount = ntohs(hp->qdcount); /* #/entries in the question section */ |
| 161 | bp = netbuf; | 161 | bp = netbuf; |
| 162 | buflen = sizeof(netbuf); | 162 | ep = netbuf + sizeof(netbuf); |
| 163 | cp = answer->buf + HFIXEDSZ; | 163 | cp = answer->buf + HFIXEDSZ; |
| 164 | if (!qdcount) { | 164 | if (!qdcount) { |
| 165 | if (hp->aa) | 165 | if (hp->aa) |
| @@ -175,7 +175,7 @@ getnetanswer(answer, anslen, net_i) | |||
| 175 | net_entry.n_aliases = net_aliases; | 175 | net_entry.n_aliases = net_aliases; |
| 176 | haveanswer = 0; | 176 | haveanswer = 0; |
| 177 | while (--ancount >= 0 && cp < eom) { | 177 | while (--ancount >= 0 && cp < eom) { |
| 178 | n = dn_expand(answer->buf, eom, cp, bp, buflen); | 178 | n = dn_expand(answer->buf, eom, cp, bp, ep - bp); |
| 179 | #ifdef USE_RESOLV_NAME_OK | 179 | #ifdef USE_RESOLV_NAME_OK |
| 180 | if ((n < 0) || !res_dnok(bp)) | 180 | if ((n < 0) || !res_dnok(bp)) |
| 181 | #else | 181 | #else |
| @@ -191,12 +191,13 @@ getnetanswer(answer, anslen, net_i) | |||
| 191 | cp += INT32SZ; /* TTL */ | 191 | cp += INT32SZ; /* TTL */ |
| 192 | GETSHORT(n, cp); | 192 | GETSHORT(n, cp); |
| 193 | if (class == C_IN && type == T_PTR) { | 193 | if (class == C_IN && type == T_PTR) { |
| 194 | n = dn_expand(answer->buf, eom, cp, bp, buflen); | 194 | n = dn_expand(answer->buf, eom, cp, bp, ep - bp); |
| 195 | #ifdef USE_RESOLV_NAME_OK | 195 | #ifdef USE_RESOLV_NAME_OK |
| 196 | if ((n < 0) || !res_hnok(bp)) { | 196 | if ((n < 0) || !res_hnok(bp)) |
| 197 | #else | 197 | #else |
| 198 | if ((n < 0) || !_hokchar(bp)) { | 198 | if ((n < 0) || !_hokchar(bp)) |
| 199 | #endif | 199 | #endif |
| 200 | { | ||
| 200 | cp += n; | 201 | cp += n; |
| 201 | return (NULL); | 202 | return (NULL); |
| 202 | } | 203 | } |