diff options
author | millert <> | 2002-11-14 23:44:14 +0000 |
---|---|---|
committer | millert <> | 2002-11-14 23:44:14 +0000 |
commit | c34ce585e7b946908ed51fcd80743aa17d3736da (patch) | |
tree | 2d72362ab598cb43b12044092ea9a48c9c2f5722 | |
parent | 6874650c0c0012e1032b100b696e4e725bc5bd22 (diff) | |
download | openbsd-OPENBSD_3_0.tar.gz openbsd-OPENBSD_3_0.tar.bz2 openbsd-OPENBSD_3_0.zip |
Apply http://www.isc.org/products/BIND/patches/bind4910.diffOPENBSD_3_0
Fixes bugs listed in http://www.isc.org/products/BIND/bind-security.html
-rw-r--r-- | src/lib/libc/net/getnetnamadr.c | 59 |
1 files changed, 37 insertions, 22 deletions
diff --git a/src/lib/libc/net/getnetnamadr.c b/src/lib/libc/net/getnetnamadr.c index d3537be17f..9f76ed6d3e 100644 --- a/src/lib/libc/net/getnetnamadr.c +++ b/src/lib/libc/net/getnetnamadr.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: getnetnamadr.c,v 1.14.2.2 2002/09/09 18:25:08 miod Exp $ */ | 1 | /* $OpenBSD: getnetnamadr.c,v 1.14.2.3 2002/11/14 23:44:14 millert Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 1997, Jason Downs. All rights reserved. | 4 | * Copyright (c) 1997, Jason Downs. All rights reserved. |
@@ -77,7 +77,7 @@ static char sccsid[] = "@(#)getnetbyaddr.c 8.1 (Berkeley) 6/4/93"; | |||
77 | static char sccsid_[] = "from getnetnamadr.c 1.4 (Coimbra) 93/06/03"; | 77 | static char sccsid_[] = "from getnetnamadr.c 1.4 (Coimbra) 93/06/03"; |
78 | static char rcsid[] = "$From: getnetnamadr.c,v 8.7 1996/08/05 08:31:35 vixie Exp $"; | 78 | static char rcsid[] = "$From: getnetnamadr.c,v 8.7 1996/08/05 08:31:35 vixie Exp $"; |
79 | #else | 79 | #else |
80 | static char rcsid[] = "$OpenBSD: getnetnamadr.c,v 1.14.2.2 2002/09/09 18:25:08 miod Exp $"; | 80 | static char rcsid[] = "$OpenBSD: getnetnamadr.c,v 1.14.2.3 2002/11/14 23:44:14 millert Exp $"; |
81 | #endif | 81 | #endif |
82 | #endif /* LIBC_SCCS and not lint */ | 82 | #endif /* LIBC_SCCS and not lint */ |
83 | 83 | ||
@@ -133,7 +133,7 @@ getnetanswer(answer, anslen, net_i) | |||
133 | int type, class, ancount, qdcount, haveanswer, i, nchar; | 133 | int type, class, ancount, qdcount, haveanswer, i, nchar; |
134 | char aux1[MAXHOSTNAMELEN], aux2[MAXHOSTNAMELEN], ans[MAXHOSTNAMELEN]; | 134 | char aux1[MAXHOSTNAMELEN], aux2[MAXHOSTNAMELEN], ans[MAXHOSTNAMELEN]; |
135 | char *in, *st, *pauxt, *bp, **ap, *ep; | 135 | char *in, *st, *pauxt, *bp, **ap, *ep; |
136 | char *paux1 = &aux1[0], *paux2 = &aux2[0], flag = 0; | 136 | char *paux1 = &aux1[0], *paux2 = &aux2[0]; |
137 | static struct netent net_entry; | 137 | static struct netent net_entry; |
138 | static char *net_aliases[MAXALIASES], netbuf[BUFSIZ+1]; | 138 | static char *net_aliases[MAXALIASES], netbuf[BUFSIZ+1]; |
139 | 139 | ||
@@ -165,8 +165,14 @@ getnetanswer(answer, anslen, net_i) | |||
165 | h_errno = TRY_AGAIN; | 165 | h_errno = TRY_AGAIN; |
166 | return (NULL); | 166 | return (NULL); |
167 | } | 167 | } |
168 | while (qdcount-- > 0) | 168 | while (qdcount-- > 0) { |
169 | cp += __dn_skipname(cp, eom) + QFIXEDSZ; | 169 | n = __dn_skipname(cp, eom); |
170 | if (n < 0 || (cp + n + QFIXEDSZ) > eom) { | ||
171 | h_errno = NO_RECOVERY; | ||
172 | return(NULL); | ||
173 | } | ||
174 | cp += n + QFIXEDSZ; | ||
175 | } | ||
170 | ap = net_aliases; | 176 | ap = net_aliases; |
171 | *ap = NULL; | 177 | *ap = NULL; |
172 | net_entry.n_aliases = net_aliases; | 178 | net_entry.n_aliases = net_aliases; |
@@ -198,11 +204,13 @@ getnetanswer(answer, anslen, net_i) | |||
198 | return (NULL); | 204 | return (NULL); |
199 | } | 205 | } |
200 | cp += n; | 206 | cp += n; |
201 | *ap++ = bp; | 207 | if ((ap + 2) < &net_aliases[MAXALIASES]) { |
202 | bp += strlen(bp) + 1; | 208 | *ap++ = bp; |
203 | net_entry.n_addrtype = | 209 | bp += strlen(bp) + 1; |
204 | (class == C_IN) ? AF_INET : AF_UNSPEC; | 210 | net_entry.n_addrtype = |
205 | haveanswer++; | 211 | (class == C_IN) ? AF_INET : AF_UNSPEC; |
212 | haveanswer++; | ||
213 | } | ||
206 | } | 214 | } |
207 | } | 215 | } |
208 | if (haveanswer) { | 216 | if (haveanswer) { |
@@ -213,25 +221,32 @@ getnetanswer(answer, anslen, net_i) | |||
213 | net_entry.n_net = 0L; | 221 | net_entry.n_net = 0L; |
214 | break; | 222 | break; |
215 | case BYNAME: | 223 | case BYNAME: |
216 | in = *net_entry.n_aliases; | 224 | ap = net_entry.n_aliases; |
217 | net_entry.n_name = &ans[0]; | 225 | next_alias: |
226 | in = *ap++; | ||
227 | if (in == NULL) { | ||
228 | h_errno = HOST_NOT_FOUND; | ||
229 | return (NULL); | ||
230 | } | ||
231 | net_entry.n_name = ans; | ||
218 | aux2[0] = '\0'; | 232 | aux2[0] = '\0'; |
219 | for (i = 0; i < 4; i++) { | 233 | for (i = 0; i < 4; i++) { |
220 | for (st = in, nchar = 0; | 234 | for (st = in, nchar = 0; |
221 | *st != '.'; | 235 | isdigit((unsigned char)*st); |
222 | st++, nchar++) | 236 | st++, nchar++) |
223 | ; | 237 | ; |
224 | if (nchar != 1 || *in != '0' || flag) { | 238 | if (*st != '.' || nchar == 0 || nchar > 3) |
225 | flag = 1; | 239 | goto next_alias; |
226 | strlcpy(paux1, | 240 | if (i != 0) |
227 | (i==0) ? in : in-1, | 241 | nchar++; |
228 | (i==0) ? nchar+1 : nchar+2); | 242 | strlcpy(paux1, in, nchar+1); |
229 | pauxt = paux2; | 243 | pauxt = paux2; |
230 | paux2 = strcat(paux1, paux2); | 244 | paux2 = strcat(paux1, paux2); |
231 | paux1 = pauxt; | 245 | paux1 = pauxt; |
232 | } | ||
233 | in = ++st; | 246 | in = ++st; |
234 | } | 247 | } |
248 | if (strcasecmp(in, "IN-ADDR.ARPA") != 0) | ||
249 | goto next_alias; | ||
235 | net_entry.n_net = inet_network(paux2); | 250 | net_entry.n_net = inet_network(paux2); |
236 | break; | 251 | break; |
237 | } | 252 | } |