os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
doc/website/static/security/patches/SA-02:42/resolv.patch
Sergio Carlavilla Delgado 989d921f5d Migrate doc to Hugo/AsciiDoctor 
I'm very pleased to announce the release of
our new website and documentation using
the new toolchain with Hugo and AsciiDoctor.

To get more information about the new toolchain
please read the FreeBSD Documentation Project Primer[1],
Hugo docs[2] and AsciiDoctor docs[3].

Acknowledgment:
Benedict Reuschling <bcr@>
Glen Barber <gjb@>
Hiroki Sato <hrs@>
Li-Wen Hsu <lwhsu@>
Sean Chittenden <seanc@>
The FreeBSD Foundation

[1] https://docs.FreeBSD.org/en/books/fdp-primer/
[2] https://gohugo.io/documentation/
[3] https://docs.asciidoctor.org/home/

Approved by:    doceng, core
2021-01-26 00:31:29 +01:00

686 lines
17 KiB
Diff
Raw Blame History

Index: lib/libc/net/getaddrinfo.c
diff -c lib/libc/net/getaddrinfo.c:1.9.2.9 lib/libc/net/getaddrinfo.c:1.9.2.11
*** lib/libc/net/getaddrinfo.c:1.9.2.9 Sun Mar 3 12:45:30 2002
--- lib/libc/net/getaddrinfo.c Sun Sep 22 07:20:23 2002
***************
*** 182,192 ****
#define PTON_MAX 4
#endif
! #if PACKETSZ > 1024
! #define MAXPACKET PACKETSZ
! #else
! #define MAXPACKET 1024
! #endif
typedef union {
HEADER hdr;
--- 182,188 ----
#define PTON_MAX 4
#endif
! #define MAXPACKET (64*1024)
typedef union {
HEADER hdr;
***************
*** 1407,1413 ****
struct addrinfo **res;
{
struct addrinfo *ai;
! querybuf buf, buf2;
const char *name;
struct addrinfo sentinel, *cur;
struct res_target q, q2;
--- 1403,1409 ----
struct addrinfo **res;
{
struct addrinfo *ai;
! querybuf *buf, *buf2;
const char *name;
struct addrinfo sentinel, *cur;
struct res_target q, q2;
***************
*** 1417,1463 ****
memset(&sentinel, 0, sizeof(sentinel));
cur = &sentinel;
switch (pai->ai_family) {
case AF_UNSPEC:
/* prefer IPv6 */
q.qclass = C_IN;
q.qtype = T_AAAA;
! q.answer = buf.buf;
! q.anslen = sizeof(buf);
q.next = &q2;
q2.qclass = C_IN;
q2.qtype = T_A;
! q2.answer = buf2.buf;
! q2.anslen = sizeof(buf2);
break;
case AF_INET:
q.qclass = C_IN;
q.qtype = T_A;
! q.answer = buf.buf;
! q.anslen = sizeof(buf);
break;
case AF_INET6:
q.qclass = C_IN;
q.qtype = T_AAAA;
! q.answer = buf.buf;
! q.anslen = sizeof(buf);
break;
default:
return EAI_FAIL;
}
! if (res_searchN(hostname, &q) < 0)
return EAI_NODATA;
! ai = getanswer(&buf, q.n, q.name, q.qtype, pai);
if (ai) {
cur->ai_next = ai;
while (cur && cur->ai_next)
cur = cur->ai_next;
}
if (q.next) {
! ai = getanswer(&buf2, q2.n, q2.name, q2.qtype, pai);
if (ai)
cur->ai_next = ai;
}
if (sentinel.ai_next == NULL)
switch (h_errno) {
case HOST_NOT_FOUND:
--- 1413,1478 ----
memset(&sentinel, 0, sizeof(sentinel));
cur = &sentinel;
+ buf = malloc(sizeof(*buf));
+ if (!buf) {
+ h_errno = NETDB_INTERNAL;
+ return EAI_MEMORY;
+ }
+ buf2 = malloc(sizeof(*buf2));
+ if (!buf2) {
+ free(buf);
+ h_errno = NETDB_INTERNAL;
+ return EAI_MEMORY;
+ }
+
switch (pai->ai_family) {
case AF_UNSPEC:
/* prefer IPv6 */
q.qclass = C_IN;
q.qtype = T_AAAA;
! q.answer = buf->buf;
! q.anslen = sizeof(buf->buf);
q.next = &q2;
q2.qclass = C_IN;
q2.qtype = T_A;
! q2.answer = buf2->buf;
! q2.anslen = sizeof(buf2->buf);
break;
case AF_INET:
q.qclass = C_IN;
q.qtype = T_A;
! q.answer = buf->buf;
! q.anslen = sizeof(buf->buf);
break;
case AF_INET6:
q.qclass = C_IN;
q.qtype = T_AAAA;
! q.answer = buf->buf;
! q.anslen = sizeof(buf->buf);
break;
default:
+ free(buf);
+ free(buf2);
return EAI_FAIL;
}
! if (res_searchN(hostname, &q) < 0) {
! free(buf);
! free(buf2);
return EAI_NODATA;
! }
! ai = getanswer(buf, q.n, q.name, q.qtype, pai);
if (ai) {
cur->ai_next = ai;
while (cur && cur->ai_next)
cur = cur->ai_next;
}
if (q.next) {
! ai = getanswer(buf2, q2.n, q2.name, q2.qtype, pai);
if (ai)
cur->ai_next = ai;
}
+ free(buf);
+ free(buf2);
if (sentinel.ai_next == NULL)
switch (h_errno) {
case HOST_NOT_FOUND:
***************
*** 1662,1668 ****
const char *name; /* domain name */
struct res_target *target;
{
! u_char buf[MAXPACKET];
HEADER *hp;
int n;
struct res_target *t;
--- 1677,1683 ----
const char *name; /* domain name */
struct res_target *target;
{
! u_char *buf;
HEADER *hp;
int n;
struct res_target *t;
***************
*** 1677,1682 ****
--- 1692,1703 ----
return (-1);
}
+ buf = malloc(MAXPACKET);
+ if (!buf) {
+ h_errno = NETDB_INTERNAL;
+ return (-1);
+ }
+
for (t = target; t; t = t->next) {
int class, type;
u_char *answer;
***************
*** 1696,1709 ****
#endif
n = res_mkquery(QUERY, name, class, type, NULL, 0, NULL,
! buf, sizeof(buf));
if (n > 0 && (_res.options & RES_USE_EDNS0) != 0)
! n = res_opt(n, buf, sizeof(buf), anslen);
if (n <= 0) {
#ifdef DEBUG
if (_res.options & RES_DEBUG)
printf(";; res_query: mkquery failed\n");
#endif
h_errno = NO_RECOVERY;
return (n);
}
--- 1717,1731 ----
#endif
n = res_mkquery(QUERY, name, class, type, NULL, 0, NULL,
! buf, MAXPACKET);
if (n > 0 && (_res.options & RES_USE_EDNS0) != 0)
! n = res_opt(n, buf, MAXPACKET, anslen);
if (n <= 0) {
#ifdef DEBUG
if (_res.options & RES_DEBUG)
printf(";; res_query: mkquery failed\n");
#endif
+ free(buf);
h_errno = NO_RECOVERY;
return (n);
}
***************
*** 1714,1725 ****
if (_res.options & RES_DEBUG)
printf(";; res_query: send error\n");
#endif
h_errno = TRY_AGAIN;
return (n);
}
#endif
! if (n < 0 || hp->rcode != NOERROR || ntohs(hp->ancount) == 0) {
rcode = hp->rcode; /* record most recent error */
#ifdef DEBUG
if (_res.options & RES_DEBUG)
--- 1736,1750 ----
if (_res.options & RES_DEBUG)
printf(";; res_query: send error\n");
#endif
+ free(buf);
h_errno = TRY_AGAIN;
return (n);
}
#endif
! if (n < 0 || n > anslen)
! hp->rcode = FORMERR; /* XXX not very informative */
! if (hp->rcode != NOERROR || ntohs(hp->ancount) == 0) {
rcode = hp->rcode; /* record most recent error */
#ifdef DEBUG
if (_res.options & RES_DEBUG)
***************
*** 1733,1738 ****
--- 1758,1765 ----
t->n = n;
}
+
+ free(buf);
if (ancount == 0) {
switch (rcode) {
Index: lib/libc/net/gethostbydns.c
diff -c lib/libc/net/gethostbydns.c:1.27.2.2 lib/libc/net/gethostbydns.c:1.27.2.3
*** lib/libc/net/gethostbydns.c:1.27.2.2 Wed Jun 26 01:24:29 2002
--- lib/libc/net/gethostbydns.c Thu Sep 19 08:45:23 2002
***************
*** 584,591 ****
break;
}
! if ((n = res_search(name, C_IN, type, buf.buf, sizeof(buf))) < 0) {
dprintf("res_search failed (%d)\n", n);
return (NULL);
}
return (gethostanswer(&buf, n, name, type));
--- 584,595 ----
break;
}
! n = res_search(name, C_IN, type, buf.buf, sizeof(buf.buf));
! if (n < 0) {
dprintf("res_search failed (%d)\n", n);
+ return (NULL);
+ } else if (n > sizeof(buf.buf)) {
+ dprintf("static buffer is too small (%d)\n", n);
return (NULL);
}
return (gethostanswer(&buf, n, name, type));
Index: lib/libc/net/getnetbydns.c
diff -c lib/libc/net/getnetbydns.c:1.13.2.2 lib/libc/net/getnetbydns.c:1.13.2.3
*** lib/libc/net/getnetbydns.c:1.13.2.2 Wed Jun 26 01:34:18 2002
--- lib/libc/net/getnetbydns.c Thu Sep 19 08:45:23 2002
***************
*** 256,262 ****
if (anslen < 0) {
#ifdef DEBUG
if (_res.options & RES_DEBUG)
! printf("res_query failed\n");
#endif
return (NULL);
}
--- 256,268 ----
if (anslen < 0) {
#ifdef DEBUG
if (_res.options & RES_DEBUG)
! printf("res_search failed\n");
! #endif
! return (NULL);
! } else if (anslen > sizeof(buf)) {
! #ifdef DEBUG
! if (_res.options & RES_DEBUG)
! printf("res_search static buffer too small\n");
#endif
return (NULL);
}
***************
*** 291,297 ****
if (anslen < 0) {
#ifdef DEBUG
if (_res.options & RES_DEBUG)
! printf("res_query failed\n");
#endif
return (NULL);
}
--- 297,309 ----
if (anslen < 0) {
#ifdef DEBUG
if (_res.options & RES_DEBUG)
! printf("res_search failed\n");
! #endif
! return (NULL);
! } else if (anslen > sizeof(buf)) {
! #ifdef DEBUG
! if (_res.options & RES_DEBUG)
! printf("res_search static buffer too small\n");
#endif
return (NULL);
}
Index: lib/libc/net/name6.c
diff -c lib/libc/net/name6.c:1.6.2.6 lib/libc/net/name6.c:1.6.2.7
*** lib/libc/net/name6.c:1.6.2.6 Wed Jun 26 01:06:43 2002
--- lib/libc/net/name6.c Thu Sep 19 08:45:23 2002
***************
*** 994,1004 ****
int rtl_type;
};
! #if PACKETSZ > 1024
! #define MAXPACKET PACKETSZ
! #else
! #define MAXPACKET 1024
! #endif
typedef union {
HEADER hdr;
--- 994,1000 ----
int rtl_type;
};
! #define MAXPACKET (64*1024)
typedef union {
HEADER hdr;
***************
*** 1305,1311 ****
int trailing_dot, ret, saved_herrno;
int got_nodata = 0, got_servfail = 0, tried_as_is = 0;
struct __res_type_list *rtl0 = rtl;
! querybuf buf;
if ((_res.options & RES_INIT) == 0 && res_init() == -1) {
*errp = NETDB_INTERNAL;
--- 1301,1307 ----
int trailing_dot, ret, saved_herrno;
int got_nodata = 0, got_servfail = 0, tried_as_is = 0;
struct __res_type_list *rtl0 = rtl;
! querybuf *buf;
if ((_res.options & RES_INIT) == 0 && res_init() == -1) {
*errp = NETDB_INTERNAL;
***************
*** 1318,1334 ****
if (cp > name && *--cp == '.')
trailing_dot++;
/* If there aren't any dots, it could be a user-level alias */
if (!dots && (cp = hostalias(name)) != NULL) {
for(rtl = rtl0; rtl != NULL;
rtl = SLIST_NEXT(rtl, rtl_entry)) {
! ret = res_query(cp, C_IN, rtl->rtl_type, buf.buf,
! sizeof(buf.buf));
! if (ret > 0) {
hpbuf.h_addrtype = (rtl->rtl_type == T_AAAA)
? AF_INET6 : AF_INET;
hpbuf.h_length = ADDRLEN(hpbuf.h_addrtype);
! hp = getanswer(&buf, ret, name, rtl->rtl_type,
&hpbuf, errp);
if (!hp)
continue;
--- 1314,1336 ----
if (cp > name && *--cp == '.')
trailing_dot++;
+ buf = malloc(sizeof(*buf));
+ if (buf == NULL) {
+ *errp = NETDB_INTERNAL;
+ return NULL;
+ }
+
/* If there aren't any dots, it could be a user-level alias */
if (!dots && (cp = hostalias(name)) != NULL) {
for(rtl = rtl0; rtl != NULL;
rtl = SLIST_NEXT(rtl, rtl_entry)) {
! ret = res_query(cp, C_IN, rtl->rtl_type, buf->buf,
! sizeof(buf->buf));
! if (ret > 0 && ret < sizeof(buf->buf)) {
hpbuf.h_addrtype = (rtl->rtl_type == T_AAAA)
? AF_INET6 : AF_INET;
hpbuf.h_length = ADDRLEN(hpbuf.h_addrtype);
! hp = getanswer(buf, ret, name, rtl->rtl_type,
&hpbuf, errp);
if (!hp)
continue;
***************
*** 1336,1341 ****
--- 1338,1344 ----
hp0 = _hpmerge(hp0, hp, errp);
}
}
+ free(buf);
return (hp0);
}
***************
*** 1348,1359 ****
for(rtl = rtl0; rtl != NULL;
rtl = SLIST_NEXT(rtl, rtl_entry)) {
ret = res_querydomain(name, NULL, C_IN, rtl->rtl_type,
! buf.buf, sizeof(buf.buf));
! if (ret > 0) {
hpbuf.h_addrtype = (rtl->rtl_type == T_AAAA)
? AF_INET6 : AF_INET;
hpbuf.h_length = ADDRLEN(hpbuf.h_addrtype);
! hp = getanswer(&buf, ret, name, rtl->rtl_type,
&hpbuf, errp);
if (!hp)
continue;
--- 1351,1362 ----
for(rtl = rtl0; rtl != NULL;
rtl = SLIST_NEXT(rtl, rtl_entry)) {
ret = res_querydomain(name, NULL, C_IN, rtl->rtl_type,
! buf->buf, sizeof(buf->buf));
! if (ret > 0 && ret < sizeof(buf->buf)) {
hpbuf.h_addrtype = (rtl->rtl_type == T_AAAA)
? AF_INET6 : AF_INET;
hpbuf.h_length = ADDRLEN(hpbuf.h_addrtype);
! hp = getanswer(buf, ret, name, rtl->rtl_type,
&hpbuf, errp);
if (!hp)
continue;
***************
*** 1361,1368 ****
hp0 = _hpmerge(hp0, hp, errp);
}
}
! if (hp0 != NULL)
return (hp0);
saved_herrno = *errp;
tried_as_is++;
}
--- 1364,1373 ----
hp0 = _hpmerge(hp0, hp, errp);
}
}
! if (hp0 != NULL) {
! free(buf);
return (hp0);
+ }
saved_herrno = *errp;
tried_as_is++;
}
***************
*** 1385,1396 ****
rtl = SLIST_NEXT(rtl, rtl_entry)) {
ret = res_querydomain(name, *domain, C_IN,
rtl->rtl_type,
! buf.buf, sizeof(buf.buf));
! if (ret > 0) {
hpbuf.h_addrtype = (rtl->rtl_type == T_AAAA)
? AF_INET6 : AF_INET;
hpbuf.h_length = ADDRLEN(hpbuf.h_addrtype);
! hp = getanswer(&buf, ret, name,
rtl->rtl_type, &hpbuf, errp);
if (!hp)
continue;
--- 1390,1401 ----
rtl = SLIST_NEXT(rtl, rtl_entry)) {
ret = res_querydomain(name, *domain, C_IN,
rtl->rtl_type,
! buf->buf, sizeof(buf->buf));
! if (ret > 0 && ret < sizeof(buf->buf)) {
hpbuf.h_addrtype = (rtl->rtl_type == T_AAAA)
? AF_INET6 : AF_INET;
hpbuf.h_length = ADDRLEN(hpbuf.h_addrtype);
! hp = getanswer(buf, ret, name,
rtl->rtl_type, &hpbuf, errp);
if (!hp)
continue;
***************
*** 1398,1405 ****
hp0 = _hpmerge(hp0, hp, errp);
}
}
! if (hp0 != NULL)
return (hp0);
/*
* If no server present, give up.
--- 1403,1412 ----
hp0 = _hpmerge(hp0, hp, errp);
}
}
! if (hp0 != NULL) {
! free(buf);
return (hp0);
+ }
/*
* If no server present, give up.
***************
*** 1415,1420 ****
--- 1422,1428 ----
* fully-qualified.
*/
if (errno == ECONNREFUSED) {
+ free(buf);
*errp = TRY_AGAIN;
return (NULL);
}
***************
*** 1427,1433 ****
/* keep trying */
break;
case TRY_AGAIN:
! if (buf.hdr.rcode == SERVFAIL) {
/* try next search element, if any */
got_servfail++;
break;
--- 1435,1441 ----
/* keep trying */
break;
case TRY_AGAIN:
! if (buf->hdr.rcode == SERVFAIL) {
/* try next search element, if any */
got_servfail++;
break;
***************
*** 1455,1466 ****
for(rtl = rtl0; rtl != NULL;
rtl = SLIST_NEXT(rtl, rtl_entry)) {
ret = res_querydomain(name, NULL, C_IN, rtl->rtl_type,
! buf.buf, sizeof(buf.buf));
! if (ret > 0) {
hpbuf.h_addrtype = (rtl->rtl_type == T_AAAA)
? AF_INET6 : AF_INET;
hpbuf.h_length = ADDRLEN(hpbuf.h_addrtype);
! hp = getanswer(&buf, ret, name, rtl->rtl_type,
&hpbuf, errp);
if (!hp)
continue;
--- 1463,1474 ----
for(rtl = rtl0; rtl != NULL;
rtl = SLIST_NEXT(rtl, rtl_entry)) {
ret = res_querydomain(name, NULL, C_IN, rtl->rtl_type,
! buf->buf, sizeof(buf->buf));
! if (ret > 0 && ret < sizeof(buf->buf)) {
hpbuf.h_addrtype = (rtl->rtl_type == T_AAAA)
? AF_INET6 : AF_INET;
hpbuf.h_length = ADDRLEN(hpbuf.h_addrtype);
! hp = getanswer(buf, ret, name, rtl->rtl_type,
&hpbuf, errp);
if (!hp)
continue;
***************
*** 1468,1477 ****
hp0 = _hpmerge(hp0, hp, errp);
}
}
! if (hp0 != NULL)
return (hp0);
}
/* if we got here, we didn't satisfy the search.
* if we did an initial full query, return that query's h_errno
* (note that we wouldn't be here if that query had succeeded).
--- 1476,1489 ----
hp0 = _hpmerge(hp0, hp, errp);
}
}
! if (hp0 != NULL) {
! free(buf);
return (hp0);
+ }
}
+ free(buf);
+
/* if we got here, we didn't satisfy the search.
* if we did an initial full query, return that query's h_errno
* (note that we wouldn't be here if that query had succeeded).
***************
*** 1531,1537 ****
#ifdef INET6
static const char hex[] = "0123456789abcdef";
#endif
! querybuf buf;
char qbuf[MAXDNAME+1];
char *hlist[2];
--- 1543,1549 ----
#ifdef INET6
static const char hex[] = "0123456789abcdef";
#endif
! querybuf *buf;
char qbuf[MAXDNAME+1];
char *hlist[2];
***************
*** 1584,1595 ****
break;
}
! n = res_query(qbuf, C_IN, T_PTR, buf.buf, sizeof buf.buf);
if (n < 0) {
*errp = h_errno;
return NULL;
}
! hp = getanswer(&buf, n, qbuf, T_PTR, &hbuf, errp);
if (!hp)
return NULL;
hbuf.h_addrtype = af;
--- 1596,1622 ----
break;
}
! buf = malloc(sizeof(*buf));
! if (buf == NULL) {
! *errp = NETDB_INTERNAL;
! return NULL;
! }
!
! n = res_query(qbuf, C_IN, T_PTR, buf->buf, sizeof buf->buf);
if (n < 0) {
+ free(buf);
*errp = h_errno;
return NULL;
+ } else if (n > sizeof(buf->buf)) {
+ free(buf);
+ *errp = NETDB_INTERNAL;
+ #if 0
+ errno = ERANGE; /* XXX is it OK to set errno here? */
+ #endif
+ return NULL;
}
! hp = getanswer(buf, n, qbuf, T_PTR, &hbuf, errp);
! free(buf);
if (!hp)
return NULL;
hbuf.h_addrtype = af;
Index: lib/libc/net/res_mkquery.c
diff -c lib/libc/net/res_mkquery.c:1.15.2.1 lib/libc/net/res_mkquery.c:1.15.2.2
*** lib/libc/net/res_mkquery.c:1.15.2.1 Fri Jun 15 17:08:28 2001
--- lib/libc/net/res_mkquery.c Fri Sep 20 05:45:35 2002
***************
*** 228,233 ****
--- 228,235 ----
__putshort(T_OPT, cp); /* TYPE */
cp += INT16SZ;
+ if (anslen > 0xffff)
+ anslen = 0xffff; /* limit to 16bit value */
__putshort(anslen & 0xffff, cp); /* CLASS = UDP payload size */
cp += INT16SZ;
*cp++ = NOERROR; /* extended RCODE */
Reference in a new issue View git blame Copy permalink