summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNIIBE Yutaka <gniibe@fsij.org>2020-05-20 12:44:38 +0200
committerNIIBE Yutaka <gniibe@fsij.org>2020-05-20 12:44:38 +0200
commit30eef28bc0f5deaa1b4b7f04293a6527524280a9 (patch)
treeccbcfa79d9dc272ae0b8802942fdb90b1e9703c6
parentsm: Create ECC certificates with AKI and SKI by default. (diff)
downloadgnupg2-30eef28bc0f5deaa1b4b7f04293a6527524280a9.tar.xz
gnupg2-30eef28bc0f5deaa1b4b7f04293a6527524280a9.zip
dirmngr: dns: Fix allocation of string buffer in stack.
* dirmngr/dns.h (dns_strsection, dns_strclass) (dns_strtype): Change APIs. * dirmngr/dns.c (dns_p_lines): Use __dst for dns_strsection. (dns_rr_print): Use __dst for dns_strclass and dns_strtype. (dns_trace_dump): Likewise. (dns_ai_print): Use __dst for dns_strtype. (dns_strsection): Add an argument __dst for storage. (dns_strclass, dns_strtype): Likewise. (parse_packet): Use __dst for dns_strsection. (send_query): Use __dst for dns_strtype. (isection): Use __dst for dns_strsection. (iclass): Use __dst for dns_strclass. (itype): Use __dst for dns_strtype. GnuPG-bug-id: 4934 Reported-by: Tomas Mraz Fixes-commit: 455ef62d29a112de05897139716265d07e4c6ae3 Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-rw-r--r--dirmngr/dns.c52
-rw-r--r--dirmngr/dns.h6
2 files changed, 32 insertions, 26 deletions
diff --git a/dirmngr/dns.c b/dirmngr/dns.c
index 9d5570821..0ea6be3fb 100644
--- a/dirmngr/dns.c
+++ b/dirmngr/dns.c
@@ -2150,6 +2150,7 @@ static size_t dns_p_lines_fmt(void *dst, size_t lim, dns_error_t *_error, const
static size_t dns_p_lines(void *dst, size_t lim, dns_error_t *_error, struct dns_packet *P, struct dns_rr_i *I, struct dns_p_lines_i *state) {
int error, pc;
size_t len;
+ char __dst[DNS_STRMAXLEN + 1] = { 0 };
*_error = 0;
@@ -2168,7 +2169,7 @@ static size_t dns_p_lines(void *dst, size_t lim, dns_error_t *_error, struct dns
while (dns_rr_grep(&state->rr, 1, I, P, &error)) {
if (state->section != state->rr.section) {
DNS_P_LINE("\n");
- DNS_P_LINE(";; [%s:%d]\n", dns_strsection(state->rr.section), dns_p_count(P, state->rr.section));
+ DNS_P_LINE(";; [%s:%d]\n", dns_strsection(state->rr.section, __dst), dns_p_count(P, state->rr.section));
}
if (!(len = dns_rr_print(dst, lim, &state->rr, P, &error)))
@@ -3274,6 +3275,7 @@ size_t dns_rr_print(void *_dst, size_t lim, struct dns_rr *rr, struct dns_packet
union dns_any any;
size_t n;
int error;
+ char __dst[DNS_STRMAXLEN + 1] = { 0 };
if (rr->section == DNS_S_QD)
dns_b_putc(&dst, ';');
@@ -3288,9 +3290,9 @@ size_t dns_rr_print(void *_dst, size_t lim, struct dns_rr *rr, struct dns_packet
}
dns_b_putc(&dst, ' ');
- dns_b_puts(&dst, dns_strclass(rr->class));
+ dns_b_puts(&dst, dns_strclass(rr->class, __dst));
dns_b_putc(&dst, ' ');
- dns_b_puts(&dst, dns_strtype(rr->type));
+ dns_b_puts(&dst, dns_strtype(rr->type, __dst));
if (rr->section == DNS_S_QD)
goto epilog;
@@ -4862,6 +4864,7 @@ dns_error_t dns_trace_dump(struct dns_trace *trace, FILE *fp) {
dns_microseconds_t begin, elapsed;
} state = { 0 };
int error;
+ char __dst[DNS_STRMAXLEN + 1] = { 0 };
if (!trace || !trace->fp)
return EINVAL;
@@ -4884,8 +4887,8 @@ dns_error_t dns_trace_dump(struct dns_trace *trace, FILE *fp) {
fprintf(fp, "dns_res_submit:\n");
dns_trace_dump_meta(trace, " ", te, state.elapsed, fp);
fprintf(fp, " qname: %s\n", te->res_submit.qname);
- fprintf(fp, " qtype: %s\n", dns_strtype(te->res_submit.qtype));
- fprintf(fp, " qclass: %s\n", dns_strclass(te->res_submit.qclass));
+ fprintf(fp, " qtype: %s\n", dns_strtype(te->res_submit.qtype, __dst));
+ fprintf(fp, " qclass: %s\n", dns_strclass(te->res_submit.qclass, __dst));
dns_trace_dump_error(trace, " error: ", te->res_submit.error, fp);
break;
case DNS_TE_RES_FETCH:
@@ -10008,16 +10011,17 @@ int dns_ai_poll(struct dns_addrinfo *ai, int timeout) {
size_t dns_ai_print(void *_dst, size_t lim, struct addrinfo *ent, struct dns_addrinfo *ai) {
struct dns_buf dst = DNS_B_INTO(_dst, lim);
char addr[DNS_PP_MAX(INET_ADDRSTRLEN, INET6_ADDRSTRLEN) + 1];
+ char __dst[DNS_STRMAXLEN + 1] = { 0 };
dns_b_puts(&dst, "[ ");
dns_b_puts(&dst, ai->qname);
dns_b_puts(&dst, " IN ");
if (ai->qtype) {
- dns_b_puts(&dst, dns_strtype(ai->qtype));
+ dns_b_puts(&dst, dns_strtype(ai->qtype, __dst));
} else if (ent->ai_family == AF_INET) {
- dns_b_puts(&dst, dns_strtype(DNS_T_A));
+ dns_b_puts(&dst, dns_strtype(DNS_T_A, __dst));
} else if (ent->ai_family == AF_INET6) {
- dns_b_puts(&dst, dns_strtype(DNS_T_AAAA));
+ dns_b_puts(&dst, dns_strtype(DNS_T_AAAA, __dst));
} else {
dns_b_puts(&dst, "0");
}
@@ -10104,9 +10108,8 @@ static const struct {
{ "AR", DNS_S_ADDITIONAL },
};
-const char *(dns_strsection)(enum dns_section section) {
- char _dst[DNS_STRMAXLEN + 1] = { 0 };
- struct dns_buf dst = DNS_B_INTO(_dst, sizeof _dst);
+const char *(dns_strsection)(enum dns_section section, char *_dst) {
+ struct dns_buf dst = DNS_B_INTO(_dst, DNS_STRMAXLEN + 1);
unsigned i;
for (i = 0; i < lengthof(dns_sections); i++) {
@@ -10154,9 +10157,8 @@ static const struct {
{ "IN", DNS_C_IN },
};
-const char *(dns_strclass)(enum dns_class type) {
- char _dst[DNS_STRMAXLEN + 1] = { 0 };
- struct dns_buf dst = DNS_B_INTO(_dst, sizeof _dst);
+const char *(dns_strclass)(enum dns_class type, char *_dst) {
+ struct dns_buf dst = DNS_B_INTO(_dst, DNS_STRMAXLEN + 1);
unsigned i;
for (i = 0; i < lengthof(dns_classes); i++) {
@@ -10191,9 +10193,8 @@ enum dns_class dns_iclass(const char *name) {
} /* dns_iclass() */
-const char *(dns_strtype)(enum dns_type type) {
- char _dst[DNS_STRMAXLEN + 1] = { 0 };
- struct dns_buf dst = DNS_B_INTO(_dst, sizeof _dst);
+const char *(dns_strtype)(enum dns_type type, char *_dst) {
+ struct dns_buf dst = DNS_B_INTO(_dst, DNS_STRMAXLEN + 1);
unsigned i;
for (i = 0; i < lengthof(dns_rrtypes); i++) {
@@ -10616,6 +10617,7 @@ static int parse_packet(int argc DNS_NOTUSED, char *argv[] DNS_NOTUSED) {
union dns_any any;
char pretty[sizeof any * 2];
size_t len;
+ char __dst[DNS_STRMAXLEN + 1] = { 0 };
P->end = fread(P->data, 1, P->size, stdin);
@@ -10632,7 +10634,7 @@ static int parse_packet(int argc DNS_NOTUSED, char *argv[] DNS_NOTUSED) {
dns_rr_foreach(&rr, P, .sort = MAIN.sort) {
if (section != rr.section)
- fprintf(stdout, "\n;; [%s:%d]\n", dns_strsection(rr.section), dns_p_count(P, rr.section));
+ fprintf(stdout, "\n;; [%s:%d]\n", dns_strsection(rr.section, __dst), dns_p_count(P, rr.section));
if ((len = dns_rr_print(pretty, sizeof pretty, &rr, P, &error)))
fprintf(stdout, "%s\n", pretty);
@@ -10663,7 +10665,7 @@ static int parse_packet(int argc DNS_NOTUSED, char *argv[] DNS_NOTUSED) {
rr = rrset[i];
#endif
if (section != rr.section)
- fprintf(stdout, "\n;; [%s:%d]\n", dns_strsection(rr.section), dns_p_count(Q, rr.section));
+ fprintf(stdout, "\n;; [%s:%d]\n", dns_strsection(rr.section, __dst), dns_p_count(Q, rr.section));
if ((len = dns_rr_print(pretty, sizeof pretty, &rr, Q, &error)))
fprintf(stdout, "%s\n", pretty);
@@ -10942,6 +10944,7 @@ static int send_query(int argc, char *argv[]) {
struct dns_socket *so;
int error, type;
struct dns_options opts = { 0 };
+ char __dst[DNS_STRMAXLEN + 1] = { 0 };
memset(&ss, 0, sizeof ss);
if (argc > 1) {
@@ -10974,7 +10977,7 @@ static int send_query(int argc, char *argv[]) {
else
type = dns_res_tcp2type(resconf()->options.tcp);
- fprintf(stderr, "querying %s for %s IN %s\n", host, MAIN.qname, dns_strtype(MAIN.qtype));
+ fprintf(stderr, "querying %s for %s IN %s\n", host, MAIN.qname, dns_strtype(MAIN.qtype, __dst));
if (!(so = dns_so_open((struct sockaddr *)&resconf()->iface, type, &opts, &error)))
panic("dns_so_open: %s", dns_strerror(error));
@@ -11225,11 +11228,12 @@ static int echo_port(int argc DNS_NOTUSED, char *argv[] DNS_NOTUSED) {
static int isection(int argc, char *argv[]) {
+ char __dst[DNS_STRMAXLEN + 1] = { 0 };
const char *name = (argc > 1)? argv[1] : "";
int type;
type = dns_isection(name);
- name = dns_strsection(type);
+ name = dns_strsection(type, __dst);
printf("%s (%d)\n", name, type);
@@ -11238,11 +11242,12 @@ static int isection(int argc, char *argv[]) {
static int iclass(int argc, char *argv[]) {
+ char __dst[DNS_STRMAXLEN + 1] = { 0 };
const char *name = (argc > 1)? argv[1] : "";
int type;
type = dns_iclass(name);
- name = dns_strclass(type);
+ name = dns_strclass(type, __dst);
printf("%s (%d)\n", name, type);
@@ -11251,11 +11256,12 @@ static int iclass(int argc, char *argv[]) {
static int itype(int argc, char *argv[]) {
+ char __dst[DNS_STRMAXLEN + 1] = { 0 };
const char *name = (argc > 1)? argv[1] : "";
int type;
type = dns_itype(name);
- name = dns_strtype(type);
+ name = dns_strtype(type, __dst);
printf("%s (%d)\n", name, type);
diff --git a/dirmngr/dns.h b/dirmngr/dns.h
index 024d6dcc8..1f647e101 100644
--- a/dirmngr/dns.h
+++ b/dirmngr/dns.h
@@ -272,15 +272,15 @@ enum dns_rcode {
*/
#define DNS_STRMAXLEN 47 /* "QUESTION|ANSWER|AUTHORITY|ADDITIONAL" */
-DNS_PUBLIC const char *dns_strsection(enum dns_section);
+DNS_PUBLIC const char *dns_strsection(enum dns_section, char *);
DNS_PUBLIC enum dns_section dns_isection(const char *);
-DNS_PUBLIC const char *dns_strclass(enum dns_class);
+DNS_PUBLIC const char *dns_strclass(enum dns_class, char *);
DNS_PUBLIC enum dns_class dns_iclass(const char *);
-DNS_PUBLIC const char *dns_strtype(enum dns_type);
+DNS_PUBLIC const char *dns_strtype(enum dns_type, char *);
DNS_PUBLIC enum dns_type dns_itype(const char *);