| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | fix out-of-bounds reads in __dns_parse•••There are several issues with range checks in this function:
* The question section parsing loop can read up to two out-of-bounds
bytes before doing the range check and bailing out.
* The answer section parsing loop, in addition to the same issue as
above, uses the wrong length in the range check that doesn't prevent
OOB reads when computing len later.
* The len range check before calling the callback is off by 10. Also,
p+len can overflow in a (probably theoretical) case when p is within
2^16 from UINTPTR_MAX.
Because __dns_parse is used only with stack-allocated buffers, such
small overreads can't result in a segfault. The first two also don't
affect the function result, but the last one may result in getaddrinfo
incorrectly succeeding and returning up to 10 bytes past the
response buffer as a part of the IP address, and in (canon) name
returned by getaddrinfo/getnameinfo being affected by memory past the
response buffer (because dn_expand might interpret it as a pointer).
| Alexey Izbyshev | 2023-02-27 | 1 | -3/+3 |
| * | move and deduplicate declarations of __dns_parse to make it checkable•••the source file for this function is completely standalone, but it
doesn't seem worth adding a header just for it, so declare it in
lookup.h for now.
| Rich Felker | 2018-09-12 | 1 | -0/+1 |
| * | fix some validation checks in dns response parsing code•••since the buffer passed always has an actual size of 512 bytes, the
maximum possible response packet size, no out-of-bounds access was
possible; however, reading past the end of the valid portion of the
packet could cause the parser to attempt to process junk as answer
content.
| Rich Felker | 2014-06-03 | 1 | -2/+3 |
| * | switch standard resolver functions to use the new dns backend•••this is the third phase of the "resolver overhaul" project.
this commit removes all of the old dns code, and switches the
__lookup_name backend (used by getaddrinfo, etc.) and the getnameinfo
function to use the newly implemented __res_mkquery and __res_msend
interfaces. for parsing the results, a new callback-based __dns_parse
function, based on __dns_get_rr from the old dns code, is used.
| Rich Felker | 2014-06-02 | 1 | -0/+31 |
