ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
Files
bcaf23dd2799e30cfee1b5d39dec0fbc8e5f7193
bind9/lib/dns
History
Mark Andrews 5f82841098 Silence untrusted loop bound on nsec3param.iterations 
630
   	    1. tainted_argument: Calling function dns_rdata_tostruct taints argument nsec3param.iterations. [show details]
    631        result = dns_rdata_tostruct(nsec3rdata, &nsec3param, NULL);
   	    2. Condition !!(result == 0), taking true branch.
   	    3. Condition !!(result == 0), taking true branch.
    632        RUNTIME_CHECK(result == ISC_R_SUCCESS);
    633
    634        dns_fixedname_init(&fixed);

            CID 281425 (#1 of 1): Untrusted loop bound (TAINTED_SCALAR)
            4. tainted_data: Passing tainted expression nsec3param.iterations to dns_nsec3_hashname, which uses it as a loop boundary. [show details]
   	    Ensure that tainted values are properly sanitized, by checking that their values are within a permissible range.
    635        result = dns_nsec3_hashname(&fixed, rawhash, &rhsize, vctx->origin,
    636                                    vctx->origin, nsec3param.hash,
    637                                    nsec3param.iterations, nsec3param.salt,
    638                                    nsec3param.salt_length);

(cherry picked from commit c5e1c35e45)
2021-07-12 12:16:29 +10:00
..
include
Add checkds code
2021-07-01 14:48:23 +02:00
rdata
Handle placeholder KEYDATA record
2021-07-01 15:01:05 +10:00
tests
Add rbtdb setownercase/getownercase unit test
2021-06-23 17:31:13 +02:00
win32
Fix windows build
2021-07-01 14:48:47 +02:00
.gitignore
acl.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
adb.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
badcache.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
byaddr.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
cache.c
Allow resetting hash table size limits for DNS DBs
2021-06-17 17:17:37 +02:00
callbacks.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
catz.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
client.c
properly initialise resarg->lock
2021-04-19 14:32:53 +02:00
clientinfo.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
compress.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
db.c
Cleanup redundant isc_rwlock_init() result checks
2021-02-08 15:13:49 +11:00
dbiterator.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
dbtable.c
Cleanup redundant isc_rwlock_init() result checks
2021-02-08 15:13:49 +11:00
diff.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
dispatch.c
Silence cppcheck 2.2 false positive in udp_recv()
2020-11-25 13:21:58 +01:00
dlz.c
Cleanup redundant isc_rwlock_init() result checks
2021-02-08 15:13:49 +11:00
dns64.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
dnsrps.c
Add stale-refresh-time option
2020-11-11 15:59:56 -03:00
dnssec.c
Use isdigit instead of checking character range
2021-05-05 18:23:53 +02:00
dnstap.c
Address theoretical resource leak in dns_dt_open()
2021-02-23 09:41:15 +11:00
dnstap.proto
ds.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
dst_api.c
Protect dst key metadata with lock
2021-07-01 14:48:47 +02:00
dst_internal.h
Protect dst key metadata with lock
2021-07-01 14:48:47 +02:00
dst_openssl.h
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
dst_parse.c
Add key metadata for DS published/withdrawn
2021-07-01 14:48:23 +02:00
dst_parse.h
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
dst_pkcs11.h
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
dst_result.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
dyndb.c
hacks to get dyndb working without libtool
2021-05-14 12:52:48 +02:00
ecdb.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
ecs.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
fixedname.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
forward.c
Cleanup redundant isc_rwlock_init() result checks
2021-02-08 15:13:49 +11:00
gen-unix.h
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
gen-win32.h
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
gen.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
geoip2.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
gssapi_link.c
Stop including <gssapi.h> from <dst/gssapi.h> header
2021-02-16 12:08:21 +11:00
gssapictx.c
Free resources when gss_accept_sec_context() fails
2021-04-08 10:41:08 +02:00
hmac_link.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
ipkeylist.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
iptable.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
journal.c
Silence tainted scalar on rdlen
2021-07-12 10:45:42 +10:00
kasp.c
Add purge-keys config option
2021-02-23 09:18:55 +01:00
key.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
keydata.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
keymgr.c
Add checkds log notice
2021-07-01 14:48:23 +02:00
keytable.c
Cleanup redundant isc_rwlock_init() result checks
2021-02-08 15:13:49 +11:00
Kyuafile
lib.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
log.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
lookup.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
Makefile.in
Remove custom ISC SPNEGO implementation
2021-04-01 10:42:32 +02:00
mapapi
master.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
masterdump.c
Pause the dbiterator when dumping the zone to the disk
2021-06-04 11:32:31 +02:00
message.c
Update the source code formatting using clang-format-12
2021-06-13 08:19:44 +02:00
name.c
Use dns_name_copynf() with dns_message_gettempname() when needed
2021-05-22 07:17:01 +02:00
ncache.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
nsec3.c
Mark DNSSEC responses with NSEC3 records that exceed 150 as insecure
2021-04-30 11:16:45 +02:00
nsec.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
nta.c
Cleanup redundant isc_rwlock_init() result checks
2021-02-08 15:13:49 +11:00
openssl_link.c
Remove TLSDNS, TLS and HTTP protocols from netmgr
2021-05-14 12:52:48 +02:00
openssldh_link.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
opensslecdsa_link.c
Make opensslecdsa_parse use fromlabel
2021-01-26 15:04:59 +01:00
openssleddsa_link.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
opensslrsa_link.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
order.c
Allow "order none" in "rrset-order" rules
2020-10-02 08:50:51 +02:00
peer.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
pkcs11.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
pkcs11ecdsa_link.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
pkcs11eddsa_link.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
pkcs11rsa_link.c
Fix misplaced declaration
2020-12-01 23:19:20 +11:00
portlist.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
private.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
rbt.c
Allow resetting hash table size limits for DNS DBs
2021-06-17 17:17:37 +02:00
rbtdb.c
Use POSIX tolower(), toupper() and isupper() functions
2021-06-23 11:50:11 +02:00
rbtdb.h
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
rcode.c
Use isdigit instead of checking character range
2021-05-05 18:23:53 +02:00
rdata.c
Make calling generic rdata methods consistent
2021-04-13 01:54:29 +00:00
rdatalist_p.h
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
rdatalist.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
rdataset.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
rdatasetiter.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
rdataslab.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
request.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
resolver.c
use a fixedname buffer in dns_message_gettempname()
2021-05-22 07:13:57 +02:00
result.c
Add NSEC3PARAM unit test, refactor zone.c
2020-11-26 14:15:05 +00:00
rootns.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
rpz.c
Cleanup redundant isc_rwlock_init() result checks
2021-02-08 15:13:49 +11:00
rriterator.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
rrl.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
sdb.c
Add stale-refresh-time option
2020-11-11 15:59:56 -03:00
sdlz.c
Add stale-refresh-time option
2020-11-11 15:59:56 -03:00
soa.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
ssu_external.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
ssu.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
stats.c
Update comments to have binary notation
2020-09-29 10:40:56 +10:00
tcpmsg.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
time.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
timer.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
tkey.c
Use dns_name_copynf() with dns_message_gettempname() when needed
2021-05-22 07:17:01 +02:00
tsec.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
tsig_p.h
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
tsig.c
Use dns_name_copynf() with dns_message_gettempname() when needed
2021-05-22 07:17:01 +02:00
ttl.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
update.c
Lock kasp when looking for zone keys
2021-05-20 09:52:53 +02:00
validator.c
Mark DNSSEC responses with NSEC3 records that exceed 150 as insecure
2021-04-30 11:16:45 +02:00
version.c
Use -release instead of -version-info for internal library SONAMEs
2021-01-25 15:28:09 +01:00
view.c
Initialize checknames field in dns_view_create()
2021-02-23 16:45:36 +01:00
xfrin.c
use a fixedname buffer in dns_message_gettempname()
2021-05-22 07:13:57 +02:00
zone_p.h
Add NSEC3PARAM unit test, refactor zone.c
2020-11-26 14:15:05 +00:00
zone.c
Fix CID 332468: Memory - illegal accesses (UNINIT)
2021-07-01 14:59:00 +02:00
zonekey.c
update all copyright headers to eliminate the typo
2020-09-14 16:50:58 -07:00
zoneverify.c
Silence untrusted loop bound on nsec3param.iterations
2021-07-12 12:16:29 +10:00
zt.c
Cleanup redundant isc_rwlock_init() result checks
2021-02-08 15:13:49 +11:00