06b5c95b05
Various coverity fixes, not yet sent to upstream.
From 82c23fb1f0d9e46c6ce4bc4a57f0d377cc6089b7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Fri, 3 Sep 2021 22:51:36 +0200
Subject: [PATCH 15/15] Fix coverity issues in dnssec.c
Error: CHECKED_RETURN (CWE-252): [#def26]
dnsmasq-2.86rc3/src/dnssec.c:727: check_return: Calling "extract_name" without checking return value (as is done elsewhere 9 out of 10 times).
dnsmasq-2.86rc3/src/dnssec.c:459: example_checked: Example 1: "extract_name(header, plen, &p, keyname, 1, 0)" has its value checked in "extract_name(header, plen, &p, keyname, 1, 0)".
dnsmasq-2.86rc3/src/dnssec.c:269: example_checked: Example 2: "extract_name(header, plen, &state->ip, state->buff, 1, 0)" has its value checked in "extract_name(header, plen, &state->ip, state->buff, 1, 0)".
dnsmasq-2.86rc3/src/dnssec.c:569: example_checked: Example 3: "extract_name(header, plen, &p, keyname, 1, 0)" has its value checked in "extract_name(header, plen, &p, keyname, 1, 0)".
dnsmasq-2.86rc3/src/rfc1035.c:648: example_checked: Example 4: "extract_name(header, qlen, &p1, name, 1, 0)" has its value checked in "extract_name(header, qlen, &p1, name, 1, 0)".
dnsmasq-2.86rc3/src/rfc1035.c:787: example_checked: Example 5: "extract_name(header, qlen, &p1, name, 1, 0)" has its value checked in "extract_name(header, qlen, &p1, name, 1, 0)".
# 725| /* namebuff used for workspace above, restore to leave unchanged on exit */
# 726| p = (unsigned char*)(rrset[0]);
# 727|-> extract_name(header, plen, &p, name, 1, 0);
# 728|
# 729| if (key)
Error: CHECKED_RETURN (CWE-252): [#def27]
dnsmasq-2.86rc3/src/dnssec.c:1020: check_return: Calling "extract_name" without checking return value (as is done elsewhere 7 out of 8 times).
dnsmasq-2.86rc3/src/auth.c:140: example_checked: Example 1: "extract_name(header, qlen, &p, name, 1, 4)" has its value checked in "extract_name(header, qlen, &p, name, 1, 4)".
dnsmasq-2.86rc3/src/dnssec.c:771: example_checked: Example 2: "extract_name(header, plen, &p, name, 1, 4)" has its value checked in "extract_name(header, plen, &p, name, 1, 4)".
dnsmasq-2.86rc3/src/hash-questions.c:57: example_checked: Example 3: "extract_name(header, plen, &p, name, 1, 4)" has its value checked in "extract_name(header, plen, &p, name, 1, 4)".
dnsmasq-2.86rc3/src/rfc1035.c:1028: example_checked: Example 4: "extract_name(header, qlen, &p, name, 1, 4)" has its value checked in "extract_name(header, qlen, &p, name, 1, 4)".
dnsmasq-2.86rc3/src/rfc1035.c:1438: example_checked: Example 5: "extract_name(header, qlen, &p, name, 1, 4)" has its value checked in "extract_name(header, qlen, &p, name, 1, 4)".
# 1018|
# 1019| p = (unsigned char *)(header+1);
# 1020|-> extract_name(header, plen, &p, name, 1, 4);
# 1021| p += 4; /* qtype, qclass */
# 1022|
---
src/dnssec.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/src/dnssec.c b/src/dnssec.c
index 94ebb6f..8800a5b 100644
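--- a/src/dnssec.c
+++ b/src/dnssec.c
@@ -724,7 +724,8 @@ static int validate_rrset(time_t now, struct dns_header *header, size_t plen, in
 
 /* namebuff used for workspace above, restore to leave unchanged on exit */
 p = (unsigned char*)(rrset[0]);
- extract_name(header, plen, &p, name, 1, 0);
+ if (!extract_name(header, plen, &p, name, 1, 0))
+ return STAT_BOGUS;
 
 if (key)
 {
@@ -1017,7 +1018,9 @@ int dnssec_validate_ds(time_t now, struct dns_header *header, size_t plen, char
 }
 
 p = (unsigned char *)(header+1);
- extract_name(header, plen, &p, name, 1, 4);
+ if (!extract_name(header, plen, &p, name, 1, 4))
+ return STAT_BOGUS;
+
 p += 4; /* qtype, qclass */
 
 /* If the key needed to validate the DS is on the same domain as the DS, we'll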
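Review bot: In the validate_rrset hunk the new early return sits directly under the comment promising that namebuff is restored "to leave unchanged on exit", yet when extract_name() fails the function now exits with `name` holding whatever the failed extraction left in it. The callers are outside the hunk, so whether any of them reads `name` after a STAT_BOGUS result (for logging, for instance) needs confirming; if none does, the comment should state the exception, e.g. `/* restore namebuff; on a malformed packet fail closed, name is then undefined */`. In the dnssec_validate_ds hunk the same check is also what makes the following `p += 4` safe, which deserves a short comment such as `/* bad packet: no question name or fewer than 4 bytes after it */`, assuming the last argument is the number of bytes required after the name, as the `/* qtype, qclass */` comment suggests. Both function bodies start and end outside the hunks.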
--
2.31.1