[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnunet] 06/06: guard more carefully against integer overfl
|
From: |
gnunet |
|
Subject: |
[GNUnet-SVN] [gnunet] 06/06: guard more carefully against integer overflows |
|
Date: |
Sun, 20 May 2018 19:06:54 +0200 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository gnunet.
commit d9137653d89ed3497d8a23dc049216bd316e07ce
Author: Christian Grothoff <address@hidden>
AuthorDate: Sun May 20 19:06:46 2018 +0200
guard more carefully against integer overflows
---
src/gns/gnunet-service-gns_resolver.c | 14 +++++++++++---
src/gnsrecord/gnsrecord_serialization.c | 12 ++++++++----
2 files changed, 19 insertions(+), 7 deletions(-)
diff --git a/src/gns/gnunet-service-gns_resolver.c
b/src/gns/gnunet-service-gns_resolver.c
index edb3d5231..b66516363 100644
--- a/src/gns/gnunet-service-gns_resolver.c
+++ b/src/gns/gnunet-service-gns_resolver.c
@@ -1654,6 +1654,8 @@ recursive_gns2dns_resolution (struct GNS_ResolverHandle
*rh,
size_t off;
struct Gns2DnsPending *gp;
struct GNUNET_CRYPTO_EcdsaPublicKey zone;
+ struct sockaddr_in v4;
+ struct sockaddr_in6 v6;
if (GNUNET_GNSRECORD_TYPE_GNS2DNS != rd[i].record_type)
continue;
@@ -1695,10 +1697,16 @@ recursive_gns2dns_resolution (struct GNS_ResolverHandle
*rh,
}
/* check if 'ip' is already an IPv4/IPv6 address */
- if (GNUNET_OK ==
- GNUNET_DNSSTUB_add_dns_ip (ac->authority_info.dns_authority.dns_handle,
- ip))
+ if ( (1 == inet_pton (AF_INET,
+ ip,
+ &v4)) ||
+ (1 == inet_pton (AF_INET6,
+ ip,
+ &v6)) )
{
+ GNUNET_break (GNUNET_OK ==
+ GNUNET_DNSSTUB_add_dns_ip
(ac->authority_info.dns_authority.dns_handle,
+ ip));
ac->authority_info.dns_authority.found = GNUNET_YES;
GNUNET_free (ip);
continue;
diff --git a/src/gnsrecord/gnsrecord_serialization.c
b/src/gnsrecord/gnsrecord_serialization.c
index 1db27464f..6164fa3db 100644
--- a/src/gnsrecord/gnsrecord_serialization.c
+++ b/src/gnsrecord/gnsrecord_serialization.c
@@ -126,7 +126,8 @@ GNUNET_GNSRECORD_records_serialize (unsigned int rd_count,
rec.data_size = htonl ((uint32_t) rd[i].data_size);
rec.record_type = htonl (rd[i].record_type);
rec.flags = htonl (rd[i].flags);
- if (off + sizeof (rec) > dest_size)
+ if ( (off + sizeof (rec) > dest_size) ||
+ (off + sizeof (rec) < off) )
{
GNUNET_break (0);
return -1;
@@ -135,7 +136,8 @@ GNUNET_GNSRECORD_records_serialize (unsigned int rd_count,
&rec,
sizeof (rec));
off += sizeof (rec);
- if (off + rd[i].data_size > dest_size)
+ if ( (off + rd[i].data_size > dest_size) ||
+ (off + rd[i].data_size < off) )
{
GNUNET_break (0);
return -1;
@@ -185,7 +187,8 @@ GNUNET_GNSRECORD_records_deserialize (size_t len,
off = 0;
for (unsigned int i=0;i<rd_count;i++)
{
- if (off + sizeof (rec) > len)
+ if ( (off + sizeof (rec) > len) ||
+ (off + sizeof (rec) < off) )
{
GNUNET_break_op (0);
return GNUNET_SYSERR;
@@ -198,7 +201,8 @@ GNUNET_GNSRECORD_records_deserialize (size_t len,
dest[i].record_type = ntohl (rec.record_type);
dest[i].flags = ntohl (rec.flags);
off += sizeof (rec);
- if (off + dest[i].data_size > len)
+ if ( (off + dest[i].data_size > len) ||
+ (off + dest[i].data_size < off) )
{
GNUNET_break_op (0);
return GNUNET_SYSERR;
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [gnunet] branch master updated (565515da0 -> d9137653d), gnunet, 2018/05/20
- [GNUnet-SVN] [gnunet] 01/06: remove dead shorten logic, gnunet, 2018/05/20
- [GNUnet-SVN] [gnunet] 04/06: fix warning, gnunet, 2018/05/20
- [GNUnet-SVN] [gnunet] 06/06: guard more carefully against integer overflows,
gnunet <=
- [GNUnet-SVN] [gnunet] 03/06: add logic to count concurrently active GNS requests, gnunet, 2018/05/20
- [GNUnet-SVN] [gnunet] 05/06: add test for gns2dns records pointing to DNS name, gnunet, 2018/05/20
- [GNUnet-SVN] [gnunet] 02/06: allow multiple GNS2DNS records to co-exist, gnunet, 2018/05/20