correct bad practice in the code - it uses two changing variables

to manage buffer (buf and buflen).  we eliminate buflen and use
fixed point (ep) as the ending pointer.

this fix is NOT critical.

2 files changed, 22 insertions, 26 deletions

diff --git a/src/lib/libc/net/getaddrinfo.c b/src/lib/libc/net/getaddrinfo.c
index d16900b4a0..3f4d916486 100644
--- a/src/lib/libc/net/getaddrinfo.c
+++ b/src/lib/libc/net/getaddrinfo.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: getaddrinfo.c,v 1.33 2002/02/17 19:42:23 millert Exp $        */
+/*      $OpenBSD: getaddrinfo.c,v 1.34 2002/06/26 06:01:16 itojun Exp $ */
 /*      $KAME: getaddrinfo.c,v 1.31 2000/08/31 17:36:43 itojun Exp $    */
 
 /*
@@ -1031,8 +1031,8 @@ getanswer(answer, anslen, qname, qtype, pai)
         const u_char *cp;
         int n;
         const u_char *eom;
-        char *bp;
-        int type, class, buflen, ancount, qdcount;
+        char *bp, *ep;
+        int type, class, ancount, qdcount;
         int haveanswer, had_error;
         char tbuf[MAXDNAME];
         int (*name_ok)(const char *);
@@ -1059,13 +1059,13 @@ getanswer(answer, anslen, qname, qtype, pai)
         ancount = ntohs(hp->ancount);
         qdcount = ntohs(hp->qdcount);
         bp = hostbuf;
-        buflen = sizeof hostbuf;
+        ep = hostbuf + sizeof hostbuf;
         cp = answer->buf + HFIXEDSZ;
         if (qdcount != 1) {
                 h_errno = NO_RECOVERY;
                 return (NULL);
         }
-        n = dn_expand(answer->buf, eom, cp, bp, buflen);
+        n = dn_expand(answer->buf, eom, cp, bp, ep - bp);
         if ((n < 0) || !(*name_ok)(bp)) {
                 h_errno = NO_RECOVERY;
                 return (NULL);
@@ -1083,14 +1083,13 @@ getanswer(answer, anslen, qname, qtype, pai)
                 }
                 canonname = bp;
                 bp += n;
-                buflen -= n;
                 /* The qname can be abbreviated, but h_name is now absolute. */
                 qname = canonname;
         }
         haveanswer = 0;
         had_error = 0;
         while (ancount-- > 0 && cp < eom && !had_error) {
-                n = dn_expand(answer->buf, eom, cp, bp, buflen);
+                n = dn_expand(answer->buf, eom, cp, bp, ep - bp);
                 if ((n < 0) || !(*name_ok)(bp)) {
                         had_error++;
                         continue;
@@ -1117,14 +1116,13 @@ getanswer(answer, anslen, qname, qtype, pai)
                         cp += n;
                         /* Get canonical name. */
                         n = strlen(tbuf) + 1;   /* for the \0 */
-                        if (n > buflen || n >= MAXHOSTNAMELEN) {
+                        if (n > ep - bp || n >= MAXHOSTNAMELEN) {
                                 had_error++;
                                 continue;
                         }
                         strcpy(bp, tbuf);
                         canonname = bp;
                         bp += n;
-                        buflen -= n;
                         continue;
                 }
                 if (qtype == T_ANY) {
@@ -1164,7 +1162,6 @@ getanswer(answer, anslen, qname, qtype, pai)
                                 canonname = bp;
                                 nn = strlen(bp) + 1;    /* for the \0 */
                                 bp += nn;
-                                buflen -= nn;
                         }
 
                         /* don't overwrite pai */
diff --git a/src/lib/libc/net/res_mkquery.c b/src/lib/libc/net/res_mkquery.c
index e414b5060d..6e57ec3217 100644
--- a/src/lib/libc/net/res_mkquery.c
+++ b/src/lib/libc/net/res_mkquery.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: res_mkquery.c,v 1.10 2001/07/31 22:02:18 jakob Exp $  */
+/*      $OpenBSD: res_mkquery.c,v 1.11 2002/06/26 06:01:16 itojun Exp $ */
 
 /*
  * ++Copyright++ 1985, 1993
@@ -60,7 +60,7 @@
 static char sccsid[] = "@(#)res_mkquery.c       8.1 (Berkeley) 6/4/93";
 static char rcsid[] = "$From: res_mkquery.c,v 8.5 1996/08/27 08:33:28 vixie Exp $";
 #else
-static char rcsid[] = "$OpenBSD: res_mkquery.c,v 1.10 2001/07/31 22:02:18 jakob Exp $";
+static char rcsid[] = "$OpenBSD: res_mkquery.c,v 1.11 2002/06/26 06:01:16 itojun Exp $";
 #endif
 #endif /* LIBC_SCCS and not lint */
 
@@ -91,7 +91,7 @@ res_mkquery(op, dname, class, type, data, datalen, newrr_in, buf, buflen)
         int buflen;             /* size of buffer */
 {
         register HEADER *hp;
-        register u_char *cp;
+        register u_char *cp, *ep;
         register int n;
         u_char *dnptrs[20], **dpp, **lastdnptr;
 
@@ -122,7 +122,7 @@ res_mkquery(op, dname, class, type, data, datalen, newrr_in, buf, buflen)
         hp->rd = (_res.options & RES_RECURSE) != 0;
         hp->rcode = NOERROR;
         cp = buf + HFIXEDSZ;
-        buflen -= HFIXEDSZ;
+        ep = buf + buflen;
         dpp = dnptrs;
         *dpp++ = buf;
         *dpp++ = NULL;
@@ -133,12 +133,12 @@ res_mkquery(op, dname, class, type, data, datalen, newrr_in, buf, buflen)
         switch (op) {
         case QUERY:     /*FALLTHROUGH*/
         case NS_NOTIFY_OP:
-                if ((buflen -= QFIXEDSZ) < 0)
+                if (ep - cp < QFIXEDSZ)
                         return (-1);
-                if ((n = dn_comp(dname, cp, buflen, dnptrs, lastdnptr)) < 0)
+                if ((n = dn_comp(dname, cp, ep - cp - QFIXEDSZ, dnptrs,
+                    lastdnptr)) < 0)
                         return (-1);
                 cp += n;
-                buflen -= n;
                 __putshort(type, cp);
                 cp += INT16SZ;
                 __putshort(class, cp);
@@ -149,12 +149,13 @@ res_mkquery(op, dname, class, type, data, datalen, newrr_in, buf, buflen)
                 /*
                  * Make an additional record for completion domain.
                  */
-                buflen -= RRFIXEDSZ;
-                n = dn_comp((char *)data, cp, buflen, dnptrs, lastdnptr);
+                if (ep - cp < RRFIXEDSZ)
+                        return (-1);
+                n = dn_comp((char *)data, cp, ep - cp - RRFIXEDSZ, dnptrs,
+                    lastdnptr);
                 if (n < 0)
                         return (-1);
                 cp += n;
-                buflen -= n;
                 __putshort(T_NULL, cp);
                 cp += INT16SZ;
                 __putshort(class, cp);
@@ -170,7 +171,7 @@ res_mkquery(op, dname, class, type, data, datalen, newrr_in, buf, buflen)
                 /*
                  * Initialize answer section
                  */
-                if (buflen < 1 + RRFIXEDSZ + datalen)
+                if (ep - cp < 1 + RRFIXEDSZ + datalen)
                         return (-1);
                 *cp++ = '\0';   /* no domain name */
                 __putshort(type, cp);
@@ -203,17 +204,16 @@ res_opt(n0, buf, buflen, anslen)
         int anslen;             /* answer buffer length */
 {
         register HEADER *hp;
-        register u_char *cp;
+        register u_char *cp, *ep;
 
         hp = (HEADER *) buf;
         cp = buf + n0;
-        buflen -= n0;
+        ep = buf + buflen;
 
-        if (buflen < 1 + RRFIXEDSZ)
+        if (ep - cp < 1 + RRFIXEDSZ)
                 return -1;
 
         *cp++ = 0;      /* "." */
-        buflen--;
 
         __putshort(T_OPT, cp);  /* TYPE */
         cp += INT16SZ;
@@ -235,7 +235,6 @@ res_opt(n0, buf, buflen, anslen)
         __putshort(0, cp);      /* RDLEN */
         cp += INT16SZ;
         hp->arcount = htons(ntohs(hp->arcount) + 1);
-        buflen -= RRFIXEDSZ;
 
         return cp - buf;
 }