[riot-notifications] [RIOT-OS/RIOT] sock_dns: fix out-of-bound errors (#10740)

Martine Lenders notifications at github.com
Wed Jan 9 22:36:26 CET 2019


miri64 commented on this pull request.



>          bufpos += 4;    /* skip type and class of query */
     }
 
     for (unsigned n = 0; n < ntohs(hdr->ancount); n++) {
-        bufpos += _skip_hostname(bufpos);
+        int tmp = _skip_hostname(buf, len, bufpos);
+        if (tmp < 0) {
+            return tmp;
+        }
+        bufpos += tmp;
         uint16_t _type = ntohs(_get_short(bufpos));

As you said: unrelated to this PR, but I will make a mental note to enhance in a later PR.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/RIOT-OS/RIOT/pull/10740#discussion_r246548930
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riot-os.org/pipermail/notifications/attachments/20190109/336c7887/attachment-0001.html>


More information about the notifications mailing list