authoritojun <>2002-06-26 06:01:16 +0000
committeritojun <>2002-06-26 06:01:16 +0000
commitf1f381f26db98078dfc10572dbe1aa273fc16d94 (patch)
tree269c86f8c2ae89cb848e0115f62fafa05558b084 /src/lib/libc/net/res_mkquery.c
parent2de6ddb6a22feedbcbc44271ca3841ddc526981b (diff)
correct bad practice in the code - it uses two changing variables
to manage buffer (buf and buflen). we eliminate buflen and use fixed point (ep) as the ending pointer. this fix is NOT critical.
Diffstat (limited to 'src/lib/libc/net/res_mkquery.c')
-rw-r--r--src/lib/libc/net/res_mkquery.c31
1 files changed, 15 insertions, 16 deletions
diff --git a/src/lib/libc/net/res_mkquery.c b/src/lib/libc/net/res_mkquery.c
index e414b5060d..6e57ec3217 100644
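--- a/src/lib/libc/net/res_mkquery.c
+++ b/src/lib/libc/net/res_mkquery.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: res_mkquery.c,v 1.10 2001/07/31 22:02:18 jakob Exp $ */
+/* $OpenBSD: res_mkquery.c,v 1.11 2002/06/26 06:01:16 itojun Exp $ */
 
 /*
  * ++Copyright++ 1985, 1993
@@ -60,7 +60,7 @@
 static char sccsid[] = "@(#)res_mkquery.c 8.1 (Berkeley) 6/4/93";
 static char rcsid[] = "$From: res_mkquery.c,v 8.5 1996/08/27 08:33:28 vixie Exp $";
 #else
-static char rcsid[] = "$OpenBSD: res_mkquery.c,v 1.10 2001/07/31 22:02:18 jakob Exp $";
+static char rcsid[] = "$OpenBSD: res_mkquery.c,v 1.11 2002/06/26 06:01:16 itojun Exp $";
 #endif
 #endif /* LIBC_SCCS and not lint */
 
@@ -91,7 +91,7 @@ res_mkquery(op, dname, class, type, data, datalen, newrr_in, buf, buflen)
  int buflen; /* size of buffer */
 {
  register HEADER *hp;
- register u_char *cp;
+ register u_char *cp, *ep;
  register int n;
  u_char *dnptrs[20], **dpp, **lastdnptr;
 
@@ -122,7 +122,7 @@ res_mkquery(op, dname, class, type, data, datalen, newrr_in, buf, buflen)
  hp->rd = (_res.options & RES_RECURSE) != 0;
  hp->rcode = NOERROR;
  cp = buf + HFIXEDSZ;
- buflen -= HFIXEDSZ;
+ ep = buf + buflen;
  dpp = dnptrs;
  *dpp++ = buf;
  *dpp++ = NULL;
@@ -133,12 +133,12 @@ res_mkquery(op, dname, class, type, data, datalen, newrr_in, buf, buflen)
  switch (op) {
  case QUERY: /*FALLTHROUGH*/
  case NS_NOTIFY_OP:
- if ((buflen -= QFIXEDSZ) < 0)
+ if (ep - cp < QFIXEDSZ)
  return (-1);
- if ((n = dn_comp(dname, cp, buflen, dnptrs, lastdnptr)) < 0)
+ if ((n = dn_comp(dname, cp, ep - cp - QFIXEDSZ, dnptrs,
+ lastdnptr)) < 0)
  return (-1);
  cp += n;
- buflen -= n;
  __putshort(type, cp);
  cp += INT16SZ;
  __putshort(class, cp);
@@ -149,12 +149,13 @@ res_mkquery(op, dname, class, type, data, datalen, newrr_in, buf, buflen)
  /*
  * Make an additional record for completion domain.
  */
- buflen -= RRFIXEDSZ;
- n = dn_comp((char *)data, cp, buflen, dnptrs, lastdnptr);
+ if (ep - cp < RRFIXEDSZ)
+ return (-1);
+ n = dn_comp((char *)data, cp, ep - cp - RRFIXEDSZ, dnptrs,
+ lastdnptr);
  if (n < 0)
  return (-1);
  cp += n;
- buflen -= n;
  __putshort(T_NULL, cp);
  cp += INT16SZ;
  __putshort(class, cp);
@@ -170,7 +171,7 @@ res_mkquery(op, dname, class, type, data, datalen, newrr_in, buf, buflen)
  /*
  * Initialize answer section
  */
- if (buflen < 1 + RRFIXEDSZ + datalen)
+ if (ep - cp < 1 + RRFIXEDSZ + datalen)
  return (-1);
  *cp++ = '\0'; /* no domain name */
  __putshort(type, cp);
@@ -203,17 +204,16 @@ res_opt(n0, buf, buflen, anslen)
  int anslen; /* answer buffer length */
 {
  register HEADER *hp;
- register u_char *cp;
+ register u_char *cp, *ep;
 
  hp = (HEADER *) buf;
  cp = buf + n0;
- buflen -= n0;
+ ep = buf + buflen;
 
- if (buflen < 1 + RRFIXEDSZ)
+ if (ep - cp < 1 + RRFIXEDSZ)
  return -1;
 
  *cp++ = 0; /* "." */
- buflen--;
 
  __putshort(T_OPT, cp); /* TYPE */
  cp += INT16SZ;
@@ -235,7 +235,6 @@ res_opt(n0, buf, buflen, anslen)
  __putshort(0, cp); /* RDLEN */
  cp += INT16SZ;
  hp->arcount = htons(ntohs(hp->arcount) + 1);
- buflen -= RRFIXEDSZ;
 
  return cp - buf;
 }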
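Review bot: In res_opt, `cp = buf + n0` is computed before n0 is compared with anything, so the new `ep - cp < 1 + RRFIXEDSZ` test only means something when the caller passes an n0 that lies inside the buffer (n0 is declared above the hunk, presumably as int). A negative n0 leaves cp in front of buf and makes `ep - cp` larger than buflen, so the check passes and the OPT record is written outside the buffer; an n0 greater than buflen forms an out-of-range pointer, which is already undefined behaviour before the subtraction runs. I would reject both ahead of the pointer setup with `if (n0 < HFIXEDSZ || n0 > buflen) return -1;`, using HFIXEDSZ as the floor because hp->arcount is updated through buf at the end of the function. The lines between the two res_opt hunks are not shown, and the same question is worth confirming for a negative datalen in the `1 + RRFIXEDSZ + datalen` comparison in res_mkquery, where the code that consumes datalen is also outside the hunks.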