This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.



Re: [WIP] resolv/res_send.c (__libc_res_nsend): Correctly sanity check buffer size.


On 05/31/2016 09:19 PM, Carlos O'Donell wrote:

diff --git a/resolv/res_send.c b/resolv/res_send.c
index 869294f..3f42313 100644
--- a/resolv/res_send.c
+++ b/resolv/res_send.c
@@ -359,7 +359,9 @@ __libc_res_nsend(res_state statp, const u_char *buf, int buflen,
                return (-1);
        }

-       if (anssiz < (buf2 == NULL ? 1 : 2) * HFIXEDSZ) {
+       /* If the buffer can't be changed, and it's less than the
+          minimal header size, then that's an error.  */
+       if (anssiz < HFIXEDSZ && ansp == NULL) {
                __set_errno (EINVAL);
                return (-1);
        }
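
Review bot: the new test `if (anssiz < HFIXEDSZ && ansp == NULL)` drops the `buf2 != NULL` case, for which the removed line required `2 * HFIXEDSZ`, and the added comment does not explain why a dual-query call no longer needs room for two headers. The test also lets a call with `anssiz < HFIXEDSZ` proceed whenever `ansp != NULL`, so the rest of the function must enlarge the buffer through `ansp` before it writes or reads a header, and nothing in this hunk shows that. Please extend the comment to state both points: which later code guarantees the reallocation when `ansp` is set, and why the second answer is not counted here. That lets a reader check the precondition without tracing every send path.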

Maybe add a comment why we don't compare against the query size? The code might be used to send DNS UPDATE requests (although this isn't really supported), and the query might contain a large OPT RR which is not expected to be copied into the answer.

Florian

