From: Brian Fukano <bfukano@gmail.com>
To: bfukano@gmail.com, connman@lists.linux.dev
Subject: [PATCH v2] dnsproxy: fix signedness warnings
Date: Wed, 27 Mar 2024 12:12:29 -0700 [thread overview]
Message-ID: <20240327191229.248942-1-bfukano@gmail.com> (raw)
This fixes the signdness warnings in dnsproxy.c
---
src/dnsproxy.c | 50 ++++++++++++++++++++++++++++++--------------------
1 file changed, 30 insertions(+), 20 deletions(-)
diff --git a/src/dnsproxy.c b/src/dnsproxy.c
index d4242560..a25fde35 100644
--- a/src/dnsproxy.c
+++ b/src/dnsproxy.c
@@ -417,30 +417,30 @@ static void refresh_dns_entry(struct cache_entry *entry, char *name)
entry->hits = 0;
}
-static size_t dns_name_length(const unsigned char *buf)
+static size_t dns_name_length(const unsigned char *buf, size_t len)
{
if ((buf[0] & NS_CMPRSFLGS) == NS_CMPRSFLGS) /* compressed name */
return 2;
- return strlen((const char *)buf) + 1;
+ return strnlen((const char *)buf, len) + 1;
}
-static void update_cached_ttl(unsigned char *ptr, int len, int new_ttl)
+static void update_cached_ttl(unsigned char *ptr, size_t len, int new_ttl)
{
size_t name_len;
const uint32_t raw_ttl = ntohl((uint32_t)new_ttl);
- if (new_ttl < 0)
+ if (new_ttl < 0 || len < DNS_HEADER_SIZE + DNS_QUESTION_SIZE + 1)
return;
/* skip the header */
ptr += DNS_HEADER_SIZE;
len -= DNS_HEADER_SIZE;
- if (len < DNS_QUESTION_SIZE + 1)
- return;
-
/* skip the query, which is a name and a struct domain_question */
- name_len = dns_name_length(ptr);
+ name_len = dns_name_length(ptr, len);
+
+ if (len < name_len + DNS_QUESTION_SIZE)
+ return;
ptr += name_len + DNS_QUESTION_SIZE;
len -= name_len + DNS_QUESTION_SIZE;
@@ -452,11 +452,12 @@ static void update_cached_ttl(unsigned char *ptr, int len, int new_ttl)
size_t rr_len;
/* first a name */
- name_len = dns_name_length(ptr);
+ name_len = dns_name_length(ptr, len);
+ if (len < name_len)
+ break;
+
ptr += name_len;
len -= name_len;
- if (len < 0)
- break;
rr = (void*)ptr;
if (len < sizeof(*rr))
@@ -468,6 +469,9 @@ static void update_cached_ttl(unsigned char *ptr, int len, int new_ttl)
/* skip to the next record */
rr_len = sizeof(*rr) + ntohs(rr->rdlen);
+ if (len < rr_len)
+ break;
+
ptr += rr_len;
len -= rr_len;
}
@@ -507,8 +511,8 @@ static void send_cached_response(int sk, const unsigned char *ptr, size_t len,
/* if this is a negative reply, we are authoritative */
if (answers == 0)
hdr->aa = 1;
- else {
- const int adj_len = len - 2;
+ else if (len > 2){
+ const size_t adj_len = len - 2;
update_cached_ttl((unsigned char *)hdr, adj_len, ttl);
}
@@ -520,7 +524,9 @@ static void send_cached_response(int sk, const unsigned char *ptr, size_t len,
connman_error("Cannot send cached DNS response: %s",
strerror(errno));
}
- else if (err != len || dns_len != (len - offset))
+
+ size_t bytes_sent = err;
+ if (bytes_sent != len || dns_len != (len - offset))
debug("Packet length mismatch, sent %d wanted %zd dns %zd",
err, len, dns_len);
}
@@ -655,8 +661,8 @@ static int append_data(unsigned char *buf, size_t size, const char *data)
size_t len;
while (true) {
- const char *dot = strchr(data, '.');
- len = dot ? dot - data : strlen(data);
+ const char *dot = strchrnul(data, '.');
+ len = dot - data;
if (len == 0)
break;
@@ -1063,7 +1069,7 @@ static int parse_response(const unsigned char *buf, size_t buflen,
qlen = strlen(question);
ptr += qlen + 1; /* skip \0 */
- if ((eptr - ptr) < DNS_QUESTION_SIZE)
+ if (ptr + DNS_QUESTION_SIZE >= eptr)
return -EINVAL;
q = (void *) ptr;
@@ -1398,7 +1404,7 @@ static int reply_query_type(const unsigned char *msg, int len)
return 0;
/* now the query, which is a name and 2 16 bit words for type and class */
- c += dns_name_length(c);
+ c += dns_name_length(c, len);
type = c[0] << 8 | c[1];
@@ -2031,7 +2037,7 @@ static int dns_reply_fixup_domains(
const char *domain;
/* full header plus at least one byte for the hostname length */
- if (reply_len < header_len + 1)
+ if (reply_len < header_len + 1U)
return -EINVAL;
section_counts[0] = hdr->ancount;
@@ -2510,6 +2516,7 @@ hangup:
if (!reply) {
uint16_t reply_len;
+ size_t bytes_len;
bytes_recv = recv(sk, &reply_len, sizeof(reply_len), MSG_PEEK);
if (!bytes_recv) {
@@ -2521,7 +2528,10 @@ hangup:
connman_error("DNS proxy error %s",
strerror(errno));
goto hangup;
- } else if (bytes_recv < sizeof(reply_len))
+ }
+
+ bytes_len = bytes_recv;
+ if (bytes_len < sizeof(reply_len))
return TRUE;
/* the header contains the length of the message
--
2.34.1
reply other threads:[~2024-03-27 19:12 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240327191229.248942-1-bfukano@gmail.com \
--to=bfukano@gmail.com \
--cc=connman@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.