From 72cd6e85916e02fe7f51806eb25ee0c5a973398a Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Thu, 29 May 2025 09:42:08 +1000 Subject: [PATCH] Silence tainted scalar in client.c Coverity detected that 'optlen' was not being checked in 'process_opt'. This is actually already done when the OPT record was initially parsed. Add an INSIST to silence Coverity as is done in message.c. --- lib/ns/client.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lib/ns/client.c b/lib/ns/client.c index cdc5a49e09..87e79e1333 100644 --- a/lib/ns/client.c +++ b/lib/ns/client.c @@ -1589,6 +1589,9 @@ process_opt(ns_client_t *client, dns_rdataset_t *opt) { while (isc_buffer_remaininglength(&optbuf) >= 4) { optcode = isc_buffer_getuint16(&optbuf); optlen = isc_buffer_getuint16(&optbuf); + + INSIST(isc_buffer_remaininglength(&optbuf) >= optlen); + /* * When returning BADVERSION, only process * DNS_OPT_NSID or DNS_OPT_COOKIE options.