diff options
| author | millert <> | 2002-11-14 23:44:14 +0000 |
|---|---|---|
| committer | millert <> | 2002-11-14 23:44:14 +0000 |
| commit | c34ce585e7b946908ed51fcd80743aa17d3736da (patch) | |
| tree | 2d72362ab598cb43b12044092ea9a48c9c2f5722 | |
| parent | 6874650c0c0012e1032b100b696e4e725bc5bd22 (diff) | |
| download | openbsd-OPENBSD_3_0.tar.gz openbsd-OPENBSD_3_0.tar.bz2 openbsd-OPENBSD_3_0.zip | |
Apply http://www.isc.org/products/BIND/patches/bind4910.diffOPENBSD_3_0
Fixes bugs listed in http://www.isc.org/products/BIND/bind-security.html
| -rw-r--r-- | src/lib/libc/net/getnetnamadr.c | 59 |
1 files changed, 37 insertions, 22 deletions
diff --git a/src/lib/libc/net/getnetnamadr.c b/src/lib/libc/net/getnetnamadr.c index d3537be17f..9f76ed6d3e 100644 --- a/src/lib/libc/net/getnetnamadr.c +++ b/src/lib/libc/net/getnetnamadr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: getnetnamadr.c,v 1.14.2.2 2002/09/09 18:25:08 miod Exp $ */ | 1 | /* $OpenBSD: getnetnamadr.c,v 1.14.2.3 2002/11/14 23:44:14 millert Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Copyright (c) 1997, Jason Downs. All rights reserved. | 4 | * Copyright (c) 1997, Jason Downs. All rights reserved. |
| @@ -77,7 +77,7 @@ static char sccsid[] = "@(#)getnetbyaddr.c 8.1 (Berkeley) 6/4/93"; | |||
| 77 | static char sccsid_[] = "from getnetnamadr.c 1.4 (Coimbra) 93/06/03"; | 77 | static char sccsid_[] = "from getnetnamadr.c 1.4 (Coimbra) 93/06/03"; |
| 78 | static char rcsid[] = "$From: getnetnamadr.c,v 8.7 1996/08/05 08:31:35 vixie Exp $"; | 78 | static char rcsid[] = "$From: getnetnamadr.c,v 8.7 1996/08/05 08:31:35 vixie Exp $"; |
| 79 | #else | 79 | #else |
| 80 | static char rcsid[] = "$OpenBSD: getnetnamadr.c,v 1.14.2.2 2002/09/09 18:25:08 miod Exp $"; | 80 | static char rcsid[] = "$OpenBSD: getnetnamadr.c,v 1.14.2.3 2002/11/14 23:44:14 millert Exp $"; |
| 81 | #endif | 81 | #endif |
| 82 | #endif /* LIBC_SCCS and not lint */ | 82 | #endif /* LIBC_SCCS and not lint */ |
| 83 | 83 | ||
| @@ -133,7 +133,7 @@ getnetanswer(answer, anslen, net_i) | |||
| 133 | int type, class, ancount, qdcount, haveanswer, i, nchar; | 133 | int type, class, ancount, qdcount, haveanswer, i, nchar; |
| 134 | char aux1[MAXHOSTNAMELEN], aux2[MAXHOSTNAMELEN], ans[MAXHOSTNAMELEN]; | 134 | char aux1[MAXHOSTNAMELEN], aux2[MAXHOSTNAMELEN], ans[MAXHOSTNAMELEN]; |
| 135 | char *in, *st, *pauxt, *bp, **ap, *ep; | 135 | char *in, *st, *pauxt, *bp, **ap, *ep; |
| 136 | char *paux1 = &aux1[0], *paux2 = &aux2[0], flag = 0; | 136 | char *paux1 = &aux1[0], *paux2 = &aux2[0]; |
| 137 | static struct netent net_entry; | 137 | static struct netent net_entry; |
| 138 | static char *net_aliases[MAXALIASES], netbuf[BUFSIZ+1]; | 138 | static char *net_aliases[MAXALIASES], netbuf[BUFSIZ+1]; |
| 139 | 139 | ||
| @@ -165,8 +165,14 @@ getnetanswer(answer, anslen, net_i) | |||
| 165 | h_errno = TRY_AGAIN; | 165 | h_errno = TRY_AGAIN; |
| 166 | return (NULL); | 166 | return (NULL); |
| 167 | } | 167 | } |
| 168 | while (qdcount-- > 0) | 168 | while (qdcount-- > 0) { |
| 169 | cp += __dn_skipname(cp, eom) + QFIXEDSZ; | 169 | n = __dn_skipname(cp, eom); |
| 170 | if (n < 0 || (cp + n + QFIXEDSZ) > eom) { | ||
| 171 | h_errno = NO_RECOVERY; | ||
| 172 | return(NULL); | ||
| 173 | } | ||
| 174 | cp += n + QFIXEDSZ; | ||
| 175 | } | ||
| 170 | ap = net_aliases; | 176 | ap = net_aliases; |
| 171 | *ap = NULL; | 177 | *ap = NULL; |
| 172 | net_entry.n_aliases = net_aliases; | 178 | net_entry.n_aliases = net_aliases; |
| @@ -198,11 +204,13 @@ getnetanswer(answer, anslen, net_i) | |||
| 198 | return (NULL); | 204 | return (NULL); |
| 199 | } | 205 | } |
| 200 | cp += n; | 206 | cp += n; |
| 201 | *ap++ = bp; | 207 | if ((ap + 2) < &net_aliases[MAXALIASES]) { |
| 202 | bp += strlen(bp) + 1; | 208 | *ap++ = bp; |
| 203 | net_entry.n_addrtype = | 209 | bp += strlen(bp) + 1; |
| 204 | (class == C_IN) ? AF_INET : AF_UNSPEC; | 210 | net_entry.n_addrtype = |
| 205 | haveanswer++; | 211 | (class == C_IN) ? AF_INET : AF_UNSPEC; |
| 212 | haveanswer++; | ||
| 213 | } | ||
| 206 | } | 214 | } |
| 207 | } | 215 | } |
| 208 | if (haveanswer) { | 216 | if (haveanswer) { |
| @@ -213,25 +221,32 @@ getnetanswer(answer, anslen, net_i) | |||
| 213 | net_entry.n_net = 0L; | 221 | net_entry.n_net = 0L; |
| 214 | break; | 222 | break; |
| 215 | case BYNAME: | 223 | case BYNAME: |
| 216 | in = *net_entry.n_aliases; | 224 | ap = net_entry.n_aliases; |
| 217 | net_entry.n_name = &ans[0]; | 225 | next_alias: |
| 226 | in = *ap++; | ||
| 227 | if (in == NULL) { | ||
| 228 | h_errno = HOST_NOT_FOUND; | ||
| 229 | return (NULL); | ||
| 230 | } | ||
| 231 | net_entry.n_name = ans; | ||
| 218 | aux2[0] = '\0'; | 232 | aux2[0] = '\0'; |
| 219 | for (i = 0; i < 4; i++) { | 233 | for (i = 0; i < 4; i++) { |
| 220 | for (st = in, nchar = 0; | 234 | for (st = in, nchar = 0; |
| 221 | *st != '.'; | 235 | isdigit((unsigned char)*st); |
| 222 | st++, nchar++) | 236 | st++, nchar++) |
| 223 | ; | 237 | ; |
| 224 | if (nchar != 1 || *in != '0' || flag) { | 238 | if (*st != '.' || nchar == 0 || nchar > 3) |
| 225 | flag = 1; | 239 | goto next_alias; |
| 226 | strlcpy(paux1, | 240 | if (i != 0) |
| 227 | (i==0) ? in : in-1, | 241 | nchar++; |
| 228 | (i==0) ? nchar+1 : nchar+2); | 242 | strlcpy(paux1, in, nchar+1); |
| 229 | pauxt = paux2; | 243 | pauxt = paux2; |
| 230 | paux2 = strcat(paux1, paux2); | 244 | paux2 = strcat(paux1, paux2); |
| 231 | paux1 = pauxt; | 245 | paux1 = pauxt; |
| 232 | } | ||
| 233 | in = ++st; | 246 | in = ++st; |
| 234 | } | 247 | } |
| 248 | if (strcasecmp(in, "IN-ADDR.ARPA") != 0) | ||
| 249 | goto next_alias; | ||
| 235 | net_entry.n_net = inet_network(paux2); | 250 | net_entry.n_net = inet_network(paux2); |
| 236 | break; | 251 | break; |
| 237 | } | 252 | } |