diff options
Diffstat (limited to 'resolv/gethnamaddr.c')
| -rw-r--r-- | resolv/gethnamaddr.c | 44 |
1 files changed, 26 insertions, 18 deletions
diff --git a/resolv/gethnamaddr.c b/resolv/gethnamaddr.c index 114875b910..f2def79e24 100644 --- a/resolv/gethnamaddr.c +++ b/resolv/gethnamaddr.c @@ -212,6 +212,10 @@ getanswer(answer, anslen, qname, qtype) * (i.e., with the succeeding search-domain tacked on). */ n = strlen(bp) + 1; /* for the \0 */ + if (n >= MAXHOSTNAMELEN) { + __set_h_errno (NO_RECOVERY); + return (NULL); + } host.h_name = bp; bp += n; buflen -= n; @@ -256,11 +260,15 @@ getanswer(answer, anslen, qname, qtype) /* Store alias. */ *ap++ = bp; n = strlen(bp) + 1; /* for the \0 */ + if (n >= MAXHOSTNAMELEN) { + had_error++; + continue; + } bp += n; buflen -= n; /* Get canonical name. */ n = strlen(tbuf) + 1; /* for the \0 */ - if (n > buflen) { + if (n > buflen || n >= MAXHOSTNAMELEN) { had_error++; continue; } @@ -272,14 +280,14 @@ getanswer(answer, anslen, qname, qtype) } if (qtype == T_PTR && type == T_CNAME) { n = dn_expand(answer->buf, eom, cp, tbuf, sizeof tbuf); - if ((n < 0) || !res_hnok(tbuf)) { + if (n < 0 || !res_hnok(tbuf)) { had_error++; continue; } cp += n; /* Get canonical name. */ n = strlen(tbuf) + 1; /* for the \0 */ - if (n > buflen) { + if (n > buflen || n >= MAXHOSTNAMELEN) { had_error++; continue; } @@ -320,6 +328,10 @@ getanswer(answer, anslen, qname, qtype) n = -1; if (n != -1) { n = strlen(bp) + 1; /* for the \0 */ + if (n >= MAXHOSTNAMELEN) { + had_error++; + break; + } bp += n; buflen -= n; } @@ -328,6 +340,10 @@ getanswer(answer, anslen, qname, qtype) host.h_name = bp; if (_res.options & RES_USE_INET6) { n = strlen(bp) + 1; /* for the \0 */ + if (n >= MAXHOSTNAMELEN) { + had_error++; + break; + } bp += n; buflen -= n; map_v4v6_hostent(&host, &bp, &buflen); @@ -395,8 +411,8 @@ getanswer(answer, anslen, qname, qtype) # endif /*RESOLVSORT*/ if (!host.h_name) { n = strlen(qname) + 1; /* for the \0 */ - if (n > buflen) - goto try_again; + if (n > buflen || n >= MAXHOSTNAMELEN) + goto no_recovery; strcpy(bp, qname); host.h_name = bp; bp += n; @@ -407,8 +423,8 @@ getanswer(answer, anslen, qname, qtype) __set_h_errno (NETDB_SUCCESS); return (&host); } - try_again: - __set_h_errno (TRY_AGAIN); + no_recovery: + __set_h_errno (NO_RECOVERY); return (NULL); } @@ -508,13 +524,12 @@ gethostbyname2(name, af) if (!isdigit(*cp) && *cp != '.') break; } - if (isxdigit(name[0]) || name[0] == ':') + if ((isxdigit(name[0]) && strchr(name, ':') != NULL) || + name[0] == ':') for (cp = name;; ++cp) { if (!*cp) { if (*--cp == '.') break; - if (!strchr(name, ':')) - break; /* * All-IPv6-legal, no dot at the end. * Fake up a hostent as if we'd actually @@ -719,8 +734,7 @@ _gethtent() if (!(cp = strpbrk(p, " \t"))) goto again; *cp++ = '\0'; - if ((_res.options & RES_USE_INET6) && - inet_pton(AF_INET6, p, host_addr) > 0) { + if (inet_pton(AF_INET6, p, host_addr) > 0) { af = AF_INET6; len = IN6ADDRSZ; } else if (inet_pton(AF_INET, p, host_addr) > 0) { @@ -757,12 +771,6 @@ _gethtent() *cp++ = '\0'; } *q = NULL; - if (_res.options & RES_USE_INET6) { - char *bp = hostbuf; - int buflen = sizeof hostbuf; - - map_v4v6_hostent(&host, &bp, &buflen); - } __set_h_errno (NETDB_SUCCESS); return (&host); } |