From: Brian Fukano <bfukano@gmail.com>
To: bfukano@gmail.com, connman@lists.linux.dev
Subject: [PATCH v2] dnsproxy: fix signedness warnings
Date: Wed, 27 Mar 2024 12:12:29 -0700 [thread overview]
Message-ID: <20240327191229.248942-1-bfukano@gmail.com> (raw)
This fixes the signdness warnings in dnsproxy.c
---
src/dnsproxy.c | 50 ++++++++++++++++++++++++++++++--------------------
1 file changed, 30 insertions(+), 20 deletions(-)
diff --git a/src/dnsproxy.c b/src/dnsproxy.c
index d4242560..a25fde35 100644
--- a/src/dnsproxy.c
+++ b/src/dnsproxy.c
@@ -417,30 +417,30 @@ static void refresh_dns_entry(struct cache_entry *entry, char *name)
entry->hits = 0;
}
-static size_t dns_name_length(const unsigned char *buf)
+static size_t dns_name_length(const unsigned char *buf, size_t len)
{
if ((buf[0] & NS_CMPRSFLGS) == NS_CMPRSFLGS) /* compressed name */
return 2;
- return strlen((const char *)buf) + 1;
+ return strnlen((const char *)buf, len) + 1;
}
-static void update_cached_ttl(unsigned char *ptr, int len, int new_ttl)
+static void update_cached_ttl(unsigned char *ptr, size_t len, int new_ttl)
{
size_t name_len;
const uint32_t raw_ttl = ntohl((uint32_t)new_ttl);
- if (new_ttl < 0)
+ if (new_ttl < 0 || len < DNS_HEADER_SIZE + DNS_QUESTION_SIZE + 1)
return;
/* skip the header */
ptr += DNS_HEADER_SIZE;
len -= DNS_HEADER_SIZE;
- if (len < DNS_QUESTION_SIZE + 1)
- return;
-
/* skip the query, which is a name and a struct domain_question */
- name_len = dns_name_length(ptr);
+ name_len = dns_name_length(ptr, len);
+
+ if (len < name_len + DNS_QUESTION_SIZE)
+ return;
ptr += name_len + DNS_QUESTION_SIZE;
len -= name_len + DNS_QUESTION_SIZE;
@@ -452,11 +452,12 @@ static void update_cached_ttl(unsigned char *ptr, int len, int new_ttl)
size_t rr_len;
/* first a name */
- name_len = dns_name_length(ptr);
+ name_len = dns_name_length(ptr, len);
+ if (len < name_len)
+ break;
+
ptr += name_len;
len -= name_len;
- if (len < 0)
- break;
rr = (void*)ptr;
if (len < sizeof(*rr))
@@ -468,6 +469,9 @@ static void update_cached_ttl(unsigned char *ptr, int len, int new_ttl)
/* skip to the next record */
rr_len = sizeof(*rr) + ntohs(rr->rdlen);
+ if (len < rr_len)
+ break;
+
ptr += rr_len;
len -= rr_len;
}
@@ -507,8 +511,8 @@ static void send_cached_response(int sk, const unsigned char *ptr, size_t len,
/* if this is a negative reply, we are authoritative */
if (answers == 0)
hdr->aa = 1;
- else {
- const int adj_len = len - 2;
+ else if (len > 2){
+ const size_t adj_len = len - 2;
update_cached_ttl((unsigned char *)hdr, adj_len, ttl);
}
@@ -520,7 +524,9 @@ static void send_cached_response(int sk, const unsigned char *ptr, size_t len,
connman_error("Cannot send cached DNS response: %s",
strerror(errno));
}
- else if (err != len || dns_len != (len - offset))
+
+ size_t bytes_sent = err;
+ if (bytes_sent != len || dns_len != (len - offset))
debug("Packet length mismatch, sent %d wanted %zd dns %zd",
err, len, dns_len);
}
@@ -655,8 +661,8 @@ static int append_data(unsigned char *buf, size_t size, const char *data)
size_t len;
while (true) {
- const char *dot = strchr(data, '.');
- len = dot ? dot - data : strlen(data);
+ const char *dot = strchrnul(data, '.');
+ len = dot - data;
if (len == 0)
break;
@@ -1063,7 +1069,7 @@ static int parse_response(const unsigned char *buf, size_t buflen,
qlen = strlen(question);
ptr += qlen + 1; /* skip \0 */
- if ((eptr - ptr) < DNS_QUESTION_SIZE)
+ if (ptr + DNS_QUESTION_SIZE >= eptr)
return -EINVAL;
q = (void *) ptr;
@@ -1398,7 +1404,7 @@ static int reply_query_type(const unsigned char *msg, int len)
return 0;
/* now the query, which is a name and 2 16 bit words for type and class */
- c += dns_name_length(c);
+ c += dns_name_length(c, len);
type = c[0] << 8 | c[1];
@@ -2031,7 +2037,7 @@ static int dns_reply_fixup_domains(
const char *domain;
/* full header plus at least one byte for the hostname length */
- if (reply_len < header_len + 1)
+ if (reply_len < header_len + 1U)
return -EINVAL;
section_counts[0] = hdr->ancount;
@@ -2510,6 +2516,7 @@ hangup:
if (!reply) {
uint16_t reply_len;
+ size_t bytes_len;
bytes_recv = recv(sk, &reply_len, sizeof(reply_len), MSG_PEEK);
if (!bytes_recv) {
@@ -2521,7 +2528,10 @@ hangup:
connman_error("DNS proxy error %s",
strerror(errno));
goto hangup;
- } else if (bytes_recv < sizeof(reply_len))
+ }
+
+ bytes_len = bytes_recv;
+ if (bytes_len < sizeof(reply_len))
return TRUE;
/* the header contains the length of the message
--
2.34.1
reply other threads:[~2024-03-27 19:12 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240327191229.248942-1-bfukano@gmail.com \
--to=bfukano@gmail.com \
--cc=connman@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).