clones/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2024-09-21 14:47:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Fix for out of bounds integers, thanks to OSTIF audit. It is in

Browse Source 
allocation debug code.


git-svn-id: file:///svn/unbound/trunk@5143 be551aaa-1e26-0410-a405-d3ace91eadb9
This commit is contained in:
Wouter Wijngaards 2019-04-02 12:28:20 +00:00
parent 59570b0413
commit e338143639
2 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
doc/Changelog
View File

@ -1,6 +1,8 @@
2 April 2019: Wouter
- Fix auth-zone NSEC3 response for empty nonterminals with exact
match nsec3 records.
- Fix for out of bounds integers, thanks to OSTIF audit. It is in
allocation debug code.
25 March 2019: Wouter
- Fix that tls-session-ticket-keys: "" on its own in unbound.conf

8
util/alloc.c
View File

@ -376,6 +376,7 @@ void *unbound_stat_malloc(size_t size)
{
void* res;
if(size == 0) size = 1;
log_assert(size <= SIZE_MAX-16);
res = malloc(size+16);
if(!res) return NULL;
unbound_mem_alloc += size;
@ -398,6 +399,7 @@ void *unbound_stat_calloc(size_t nmemb, size_t size)
if(nmemb != 0 && INT_MAX/nmemb < size)
return NULL; /* integer overflow check */
s = (nmemb*size==0)?(size_t)1:nmemb*size;
log_assert(s <= SIZE_MAX-16);
res = calloc(1, s+16);
if(!res) return NULL;
log_info("stat %p=calloc(%u, %u)", res+16, (unsigned)nmemb, (unsigned)size);
@ -447,6 +449,7 @@ void *unbound_stat_realloc(void *ptr, size_t size)
/* nothing changes */
return ptr;
}
log_assert(size <= SIZE_MAX-16);
res = malloc(size+16);
if(!res) return NULL;
unbound_mem_alloc += size;
@ -521,7 +524,9 @@ void *unbound_stat_malloc_lite(size_t size, const char* file, int line,
const char* func)
{
/* [prefix .. len .. actual data .. suffix] */
void* res = malloc(size+lite_pad*2+sizeof(size_t));
void* res;
log_assert(size <= SIZE_MAX-(lite_pad*2+sizeof(size_t)));
res = malloc(size+lite_pad*2+sizeof(size_t));
if(!res) return NULL;
memmove(res, lite_pre, lite_pad);
memmove(res+lite_pad, &size, sizeof(size_t));
@ -538,6 +543,7 @@ void *unbound_stat_calloc_lite(size_t nmemb, size_t size, const char* file,
if(nmemb != 0 && INT_MAX/nmemb < size)
return NULL; /* integer overflow check */
req = nmemb * size;
log_assert(req <= SIZE_MAX-(lite_pad*2+sizeof(size_t)));
res = malloc(req+lite_pad*2+sizeof(size_t));
if(!res) return NULL;
memmove(res, lite_pre, lite_pad);