{
int len = Ustrlen(domain);
int asize = size; /* Locally modified */
-uschar name[256];
+uschar * name;
uschar utilname[256];
uschar *aptr = answerptr; /* Locally modified */
struct stat statbuf;
/* Remove terminating dot. */
if (domain[len - 1] == '.') len--;
-Ustrncpy(name, domain, len);
-name[len] = 0;
+name = string_copyn(domain, len);
/* Look for the fakens utility, and if it exists, call it. */
if (Ustrchr(string, ':') == NULL)
#endif
{
- int i;
- for (i = 0; i < 4; i++)
+ for (int i = 0; i < 4; i++)
{
const uschar *ppp = p;
while (ppp > string && ppp[-1] != '.') ppp--;
*pp++ = '.';
p = ppp - 1;
}
- Ustrcpy(pp, "in-addr.arpa");
+ Ustrcpy(pp, US"in-addr.arpa");
}
/* Handle IPv6 address; convert to binary so as to fill out any
#if HAVE_IPV6
else
{
- int i;
int v6[4];
(void)host_aton(string, v6);
nibble, and look in the ip6.int domain. The domain was subsequently
changed to ip6.arpa. */
- for (i = 3; i >= 0; i--)
- {
- int j;
- for (j = 0; j < 32; j += 4)
+ for (int i = 3; i >= 0; i--)
+ for (int j = 0; j < 32; j += 4)
pp += sprintf(CS pp, "%x.", (v6[i] >> j) & 15);
- }
- Ustrcpy(pp, "ip6.arpa.");
+ Ustrcpy(pp, US"ip6.arpa.");
/* Another way of doing IPv6 reverse lookups was proposed in conjunction
with A6 records. However, it fell out of favour when they did. The
Ustrcpy(pp, "\\[x");
pp += 3;
- for (i = 0; i < 4; i++)
+ for (int i = 0; i < 4; i++)
{
sprintf(pp, "%08X", v6[i]);
pp += 8;
}
- Ustrcpy(pp, "].ip6.arpa.");
+ Ustrcpy(pp, US"].ip6.arpa.");
**************************************************/
}
dns_extract_auth_name(const dns_answer * dnsa) /* FIXME: const dns_answer */
{
dns_scan dnss;
-dns_record * rr;
const HEADER * h = (const HEADER *) dnsa->answer;
if (h->nscount && h->aa)
- for (rr = dns_next_rr(dnsa, &dnss, RESET_AUTHORITY);
+ for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_AUTHORITY);
rr; rr = dns_next_rr(dnsa, &dnss, RESET_NEXT))
if (rr->type == (h->ancount ? T_NS : T_SOA))
return string_copy(rr->name);
static int
dns_return(const uschar * name, int type, int rc)
{
-tree_node *node = store_get_perm(sizeof(tree_node) + 290);
+tree_node *node = store_get_perm(sizeof(tree_node) + 290, TRUE);
dns_fail_tag(node->name, name, type);
node->data.val = rc;
(void)tree_insertnode(&tree_dns_fails, node);
providing a list of domains for which this is treated as a non-existent
host.
+The dns_answer structure is pretty big; enough to hold a max-sized DNS message
+- so best allocated from fast-release memory. As of writing, all our callers
+use a stack-auto variable.
+
Arguments:
dnsa pointer to dns_answer structure
name name to look up
bitstring labels don't conform to normal name syntax. (But the aren't used any
more.)
-For SRV records, we omit the initial _smtp._tcp. components at the start. */
+For SRV records, we omit the initial _smtp._tcp. components at the start.
+The check has been seen to bite on the destination of a SRV lookup that
+initiall hit a CNAME, for which the next name had only two components.
+RFC2782 makes no mention of the possibiility of CNAMES, but the Wikipedia
+article on SRV says they are not a valid configuration. */
#ifndef STAND_ALONE /* Omit this for stand-alone tests */
if (type == T_SRV || type == T_TLSA)
{
- while (*checkname++ != '.');
- while (*checkname++ != '.');
+ while (*checkname && *checkname++ != '.') ;
+ while (*checkname && *checkname++ != '.') ;
}
if (pcre_exec(regex_check_dns_names, NULL, CCS checkname, Ustrlen(checkname),
dns_lookup(dns_answer *dnsa, const uschar *name, int type,
const uschar **fully_qualified_name)
{
-int i;
const uschar *orig_name = name;
BOOL secure_so_far = TRUE;
but no further... The testsuite tests the latter case, mostly assuming that the
former will work. */
-for (i = 0; i <= dns_cname_loops; i++)
+for (int i = 0; i <= dns_cname_loops; i++)
{
uschar * data;
- dns_record *rr, cname_rr, type_rr;
+ dns_record cname_rr, type_rr;
dns_scan dnss;
int rc;
area in the dnsa block. */
cname_rr.data = type_rr.data = NULL;
- for (rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS);
+ for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS);
rr; rr = dns_next_rr(dnsa, &dnss, RESET_NEXT))
if (rr->type == type)
{
if (!cname_rr.data)
return DNS_FAIL;
- data = store_get(256);
+ /* DNS data comes from the outside, hence tainted */
+ data = store_get(256, TRUE);
if (dn_expand(dnsa->answer, dnsa->answer + dnsa->answerlen,
cname_rr.data, (DN_EXPAND_ARG4_TYPE)data, 256) < 0)
return DNS_FAIL;
&& (h->rcode == NOERROR || h->rcode == NXDOMAIN)
&& ntohs(h->qdcount) == 1 && ntohs(h->ancount) == 0
&& ntohs(h->nscount) >= 1)
- dnsa->answerlen = MAXPACKET;
+ dnsa->answerlen = sizeof(dnsa->answer);
for (rr = dns_next_rr(dnsa, &dnss, RESET_AUTHORITY);
rr; rr = dns_next_rr(dnsa, &dnss, RESET_NEXT)
uschar *p = US rr->data;
if (p + 4 <= dnsa_lim)
{
- yield = store_get(sizeof(dns_address) + 20);
+ /* the IP is not regarded as tainted */
+ yield = store_get(sizeof(dns_address) + 20, FALSE);
(void)sprintf(CS yield->address, "%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
yield->next = NULL;
}
if (rr->data + 16 <= dnsa_lim)
{
struct in6_addr in6;
- int i;
- for (i = 0; i < 16; i++) in6.s6_addr[i] = rr->data[i];
- yield = store_get(sizeof(dns_address) + 50);
+ for (int i = 0; i < 16; i++) in6.s6_addr[i] = rr->data[i];
+ yield = store_get(sizeof(dns_address) + 50, FALSE);
inet_ntop(AF_INET6, &in6, CS yield->address, 50);
yield->next = NULL;
}