diff --git a/CHANGES b/CHANGES index 72f3e96a2d..22dc0bc73a 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,5 @@ +3410. [bug] Addressed Coverity warnings. [RT #31626] + 3409. [contrib] contrib/dane/mkdane.sh: Tool to generate TLSA RR's from X.509 certificates, for use with DANE (DNS-based Authentication of Named Entities). diff --git a/bin/named/update.c b/bin/named/update.c index bfffc73bcc..79abdf3330 100644 --- a/bin/named/update.c +++ b/bin/named/update.c @@ -2369,7 +2369,8 @@ add_signing_records(dns_db_t *db, dns_rdatatype_t privatetype, ISC_LIST_UNLINK(temp_diff.tuples, tuple, link); ISC_LIST_APPEND(diff->tuples, tuple, link); - dns_rdata_tostruct(&tuple->rdata, &dnskey, NULL); + result = dns_rdata_tostruct(&tuple->rdata, &dnskey, NULL); + RUNTIME_CHECK(result == ISC_R_SUCCESS); if ((dnskey.flags & (DNS_KEYFLAG_OWNERMASK|DNS_KEYTYPE_NOAUTH)) != DNS_KEYOWNER_ZONE) diff --git a/bin/tests/db_test.c b/bin/tests/db_test.c index 654e8750f4..40f40965ab 100644 --- a/bin/tests/db_test.c +++ b/bin/tests/db_test.c @@ -371,6 +371,7 @@ main(int argc, char *argv[]) { dns_trust_t trust = 0; unsigned int addopts; isc_log_t *lctx = NULL; + size_t n; dns_result_register(); @@ -392,7 +393,13 @@ main(int argc, char *argv[]) { isc_result_totext(result)); break; case 'd': - strcpy(dbtype, isc_commandline_argument); + n = strlcpy(dbtype, isc_commandline_argument, + sizeof(dbtype)); + if (n >= sizeof(dbtype)) { + fprintf(stderr, "bad db type '%s'\n", + isc_commandline_argument); + exit(1); + } break; case 'g': options |= (DNS_DBFIND_GLUEOK|DNS_DBFIND_VALIDATEGLUE); diff --git a/bin/tests/fsaccess_test.c b/bin/tests/fsaccess_test.c index e6147b24d5..020cb4d507 100644 --- a/bin/tests/fsaccess_test.c +++ b/bin/tests/fsaccess_test.c @@ -22,7 +22,9 @@ #include #include +#include +#include /* Non-portable. */ #include /* Non-portable. */ #include /* Non-portable. */ @@ -35,10 +37,24 @@ int main(void) { isc_fsaccess_t access; isc_result_t result; + FILE *fp; + int n; - remove(PATH); - fopen(PATH, "w"); - chmod(PATH, 0); + n = remove(PATH); + if (n != 0 && errno != ENOENT) { + fprintf(stderr, "unable to remove(%s)\n", PATH); + exit(1); + } + fp = fopen(PATH, "w"); + if (fp == NULL) { + fprintf(stderr, "unable to fopen(%s)\n", PATH); + exit(1); + } + n = chmod(PATH, 0); + if (n != 0) { + fprintf(stderr, "unable chmod(%s, 0)\n", PATH); + exit(1); + } access = 0; @@ -55,6 +71,7 @@ main(void) { result = isc_fsaccess_set(PATH, access); if (result != ISC_R_SUCCESS) fprintf(stderr, "result = %s\n", isc_result_totext(result)); + (void)fclose(fp); return (0); } diff --git a/bin/tests/rdata_test.c b/bin/tests/rdata_test.c index ff26d3d2a9..2d2ee4e5c8 100644 --- a/bin/tests/rdata_test.c +++ b/bin/tests/rdata_test.c @@ -55,19 +55,19 @@ viastruct(dns_rdata_t *rdata, isc_mem_t *mctx, switch (rdata->type) { case dns_rdatatype_a6: { - dns_rdata_in_a6_t in_a6; + static dns_rdata_in_a6_t in_a6; result = dns_rdata_tostruct(rdata, sp = &in_a6, NULL); break; } case dns_rdatatype_a: { switch (rdata->rdclass) { case dns_rdataclass_hs: { - dns_rdata_hs_a_t hs_a; + static dns_rdata_hs_a_t hs_a; result = dns_rdata_tostruct(rdata, sp = &hs_a, NULL); break; } case dns_rdataclass_in: { - dns_rdata_in_a_t in_a; + static dns_rdata_in_a_t in_a; result = dns_rdata_tostruct(rdata, sp = &in_a, NULL); break; } @@ -78,12 +78,12 @@ viastruct(dns_rdata_t *rdata, isc_mem_t *mctx, break; } case dns_rdatatype_aaaa: { - dns_rdata_in_aaaa_t in_aaaa; + static dns_rdata_in_aaaa_t in_aaaa; result = dns_rdata_tostruct(rdata, sp = &in_aaaa, NULL); break; } case dns_rdatatype_afsdb: { - dns_rdata_afsdb_t afsdb; + static dns_rdata_afsdb_t afsdb; result = dns_rdata_tostruct(rdata, sp = &afsdb, NULL); break; } @@ -94,7 +94,7 @@ viastruct(dns_rdata_t *rdata, isc_mem_t *mctx, case dns_rdatatype_apl: { switch (rdata->rdclass) { case dns_rdataclass_in: { - dns_rdata_in_apl_t in_apl; + static dns_rdata_in_apl_t in_apl; result = dns_rdata_tostruct(rdata, sp = &in_apl, NULL); break; } @@ -105,207 +105,207 @@ viastruct(dns_rdata_t *rdata, isc_mem_t *mctx, break; } case dns_rdatatype_cert: { - dns_rdata_cert_t cert; + static dns_rdata_cert_t cert; result = dns_rdata_tostruct(rdata, sp = &cert, NULL); break; } case dns_rdatatype_cname: { - dns_rdata_cname_t cname; + static dns_rdata_cname_t cname; result = dns_rdata_tostruct(rdata, sp = &cname, NULL); break; } case dns_rdatatype_dname: { - dns_rdata_dname_t dname; + static dns_rdata_dname_t dname; result = dns_rdata_tostruct(rdata, sp = &dname, NULL); break; } case dns_rdatatype_gpos: { - dns_rdata_gpos_t gpos; + static dns_rdata_gpos_t gpos; result = dns_rdata_tostruct(rdata, sp = &gpos, NULL); break; } case dns_rdatatype_hinfo: { - dns_rdata_hinfo_t hinfo; + static dns_rdata_hinfo_t hinfo; result = dns_rdata_tostruct(rdata, sp = &hinfo, NULL); break; } case dns_rdatatype_isdn: { - dns_rdata_isdn_t isdn; + static dns_rdata_isdn_t isdn; result = dns_rdata_tostruct(rdata, sp = &isdn, NULL); break; } case dns_rdatatype_key: { - dns_rdata_key_t key; + static dns_rdata_key_t key; result = dns_rdata_tostruct(rdata, sp = &key, NULL); break; } case dns_rdatatype_kx: { - dns_rdata_in_kx_t in_kx; + static dns_rdata_in_kx_t in_kx; result = dns_rdata_tostruct(rdata, sp = &in_kx, NULL); break; } case dns_rdatatype_loc: { - dns_rdata_loc_t loc; + static dns_rdata_loc_t loc; result = dns_rdata_tostruct(rdata, sp = &loc, NULL); break; } case dns_rdatatype_mb: { - dns_rdata_mb_t mb; + static dns_rdata_mb_t mb; result = dns_rdata_tostruct(rdata, sp = &mb, NULL); break; } case dns_rdatatype_md: { - dns_rdata_md_t md; + static dns_rdata_md_t md; result = dns_rdata_tostruct(rdata, sp = &md, NULL); break; } case dns_rdatatype_mf: { - dns_rdata_mf_t mf; + static dns_rdata_mf_t mf; result = dns_rdata_tostruct(rdata, sp = &mf, NULL); break; } case dns_rdatatype_mg: { - dns_rdata_mg_t mg; + static dns_rdata_mg_t mg; result = dns_rdata_tostruct(rdata, sp = &mg, NULL); break; } case dns_rdatatype_minfo: { - dns_rdata_minfo_t minfo; + static dns_rdata_minfo_t minfo; result = dns_rdata_tostruct(rdata, sp = &minfo, NULL); break; } case dns_rdatatype_mr: { - dns_rdata_mr_t mr; + static dns_rdata_mr_t mr; result = dns_rdata_tostruct(rdata, sp = &mr, NULL); break; } case dns_rdatatype_mx: { - dns_rdata_mx_t mx; + static dns_rdata_mx_t mx; result = dns_rdata_tostruct(rdata, sp = &mx, NULL); break; } case dns_rdatatype_naptr: { - dns_rdata_naptr_t naptr; + static dns_rdata_naptr_t naptr; result = dns_rdata_tostruct(rdata, sp = &naptr, NULL); break; } case dns_rdatatype_ns: { - dns_rdata_ns_t ns; + static dns_rdata_ns_t ns; result = dns_rdata_tostruct(rdata, sp = &ns, NULL); break; } case dns_rdatatype_nsap: { - dns_rdata_in_nsap_t in_nsap; + static dns_rdata_in_nsap_t in_nsap; result = dns_rdata_tostruct(rdata, sp = &in_nsap, NULL); break; } case dns_rdatatype_nsap_ptr: { - dns_rdata_in_nsap_ptr_t in_nsap_ptr; + static dns_rdata_in_nsap_ptr_t in_nsap_ptr; result = dns_rdata_tostruct(rdata, sp = &in_nsap_ptr, NULL); break; } case dns_rdatatype_null: { - dns_rdata_null_t null; + static dns_rdata_null_t null; result = dns_rdata_tostruct(rdata, sp = &null, NULL); break; } case dns_rdatatype_nxt: { - dns_rdata_nxt_t nxt; + static dns_rdata_nxt_t nxt; result = dns_rdata_tostruct(rdata, sp = &nxt, NULL); break; } case dns_rdatatype_opt: { - dns_rdata_opt_t opt; + static dns_rdata_opt_t opt; result = dns_rdata_tostruct(rdata, sp = &opt, NULL); break; } case dns_rdatatype_ptr: { - dns_rdata_ptr_t ptr; + static dns_rdata_ptr_t ptr; result = dns_rdata_tostruct(rdata, sp = &ptr, NULL); break; } case dns_rdatatype_px: { - dns_rdata_in_px_t in_px; + static dns_rdata_in_px_t in_px; result = dns_rdata_tostruct(rdata, sp = &in_px, NULL); break; } case dns_rdatatype_rp: { - dns_rdata_rp_t rp; + static dns_rdata_rp_t rp; result = dns_rdata_tostruct(rdata, sp = &rp, NULL); break; } case dns_rdatatype_rt: { - dns_rdata_rt_t rt; + static dns_rdata_rt_t rt; result = dns_rdata_tostruct(rdata, sp = &rt, NULL); break; } case dns_rdatatype_sig: { - dns_rdata_sig_t sig; + static dns_rdata_sig_t sig; result = dns_rdata_tostruct(rdata, sp = &sig, NULL); break; } case dns_rdatatype_soa: { - dns_rdata_soa_t soa; + static dns_rdata_soa_t soa; result = dns_rdata_tostruct(rdata, sp = &soa, NULL); break; } case dns_rdatatype_srv: { - dns_rdata_in_srv_t in_srv; + static dns_rdata_in_srv_t in_srv; result = dns_rdata_tostruct(rdata, sp = &in_srv, NULL); break; } case dns_rdatatype_tkey: { - dns_rdata_tkey_t tkey; + static dns_rdata_tkey_t tkey; result = dns_rdata_tostruct(rdata, sp = &tkey, NULL); break; } case dns_rdatatype_tsig: { - dns_rdata_any_tsig_t tsig; + static dns_rdata_any_tsig_t tsig; result = dns_rdata_tostruct(rdata, sp = &tsig, NULL); break; } case dns_rdatatype_txt: { - dns_rdata_txt_t txt; + static dns_rdata_txt_t txt; result = dns_rdata_tostruct(rdata, sp = &txt, NULL); break; } case dns_rdatatype_spf: { - dns_rdata_spf_t spf; + static dns_rdata_spf_t spf; result = dns_rdata_tostruct(rdata, sp = &spf, NULL); break; } case dns_rdatatype_unspec: { - dns_rdata_unspec_t unspec; + static dns_rdata_unspec_t unspec; result = dns_rdata_tostruct(rdata, sp = &unspec, NULL); break; } case dns_rdatatype_uri: { - dns_rdata_uri_t uri; + static dns_rdata_uri_t uri; result = dns_rdata_tostruct(rdata, sp = &uri, NULL); break; } case dns_rdatatype_wks: { - dns_rdata_in_wks_t in_wks; + static dns_rdata_in_wks_t in_wks; result = dns_rdata_tostruct(rdata, sp = &in_wks, NULL); break; } case dns_rdatatype_x25: { - dns_rdata_x25_t x25; + static dns_rdata_x25_t x25; result = dns_rdata_tostruct(rdata, sp = &x25, NULL); break; } case dns_rdatatype_nsec: { - dns_rdata_nsec_t nsec; + static dns_rdata_nsec_t nsec; result = dns_rdata_tostruct(rdata, sp = &nsec, NULL); break; } case dns_rdatatype_rrsig: { - dns_rdata_rrsig_t rrsig; + static dns_rdata_rrsig_t rrsig; result = dns_rdata_tostruct(rdata, sp = &rrsig, NULL); break; } case dns_rdatatype_dnskey: { - dns_rdata_dnskey_t dnskey; + static dns_rdata_dnskey_t dnskey; result = dns_rdata_tostruct(rdata, sp = &dnskey, NULL); break; } @@ -322,19 +322,19 @@ viastruct(dns_rdata_t *rdata, isc_mem_t *mctx, switch (rdata->type) { case dns_rdatatype_a6: { - dns_rdata_in_a6_t in_a6; + static dns_rdata_in_a6_t in_a6; result = dns_rdata_tostruct(rdata, sp = &in_a6, mctx); break; } case dns_rdatatype_a: { switch (rdata->rdclass) { case dns_rdataclass_hs: { - dns_rdata_hs_a_t hs_a; + static dns_rdata_hs_a_t hs_a; result = dns_rdata_tostruct(rdata, sp = &hs_a, mctx); break; } case dns_rdataclass_in: { - dns_rdata_in_a_t in_a; + static dns_rdata_in_a_t in_a; result = dns_rdata_tostruct(rdata, sp = &in_a, mctx); break; } @@ -345,12 +345,12 @@ viastruct(dns_rdata_t *rdata, isc_mem_t *mctx, break; } case dns_rdatatype_aaaa: { - dns_rdata_in_aaaa_t in_aaaa; + static dns_rdata_in_aaaa_t in_aaaa; result = dns_rdata_tostruct(rdata, sp = &in_aaaa, mctx); break; } case dns_rdatatype_afsdb: { - dns_rdata_afsdb_t afsdb; + static dns_rdata_afsdb_t afsdb; result = dns_rdata_tostruct(rdata, sp = &afsdb, mctx); break; } @@ -361,7 +361,7 @@ viastruct(dns_rdata_t *rdata, isc_mem_t *mctx, case dns_rdatatype_apl: { switch (rdata->rdclass) { case dns_rdataclass_in: { - dns_rdata_in_apl_t in_apl; + static dns_rdata_in_apl_t in_apl; result = dns_rdata_tostruct(rdata, sp = &in_apl, mctx); break; } @@ -372,207 +372,207 @@ viastruct(dns_rdata_t *rdata, isc_mem_t *mctx, break; } case dns_rdatatype_cert: { - dns_rdata_cert_t cert; + static dns_rdata_cert_t cert; result = dns_rdata_tostruct(rdata, sp = &cert, mctx); break; } case dns_rdatatype_cname: { - dns_rdata_cname_t cname; + static dns_rdata_cname_t cname; result = dns_rdata_tostruct(rdata, sp = &cname, mctx); break; } case dns_rdatatype_dname: { - dns_rdata_dname_t dname; + static dns_rdata_dname_t dname; result = dns_rdata_tostruct(rdata, sp = &dname, mctx); break; } case dns_rdatatype_gpos: { - dns_rdata_gpos_t gpos; + static dns_rdata_gpos_t gpos; result = dns_rdata_tostruct(rdata, sp = &gpos, mctx); break; } case dns_rdatatype_hinfo: { - dns_rdata_hinfo_t hinfo; + static dns_rdata_hinfo_t hinfo; result = dns_rdata_tostruct(rdata, sp = &hinfo, mctx); break; } case dns_rdatatype_isdn: { - dns_rdata_isdn_t isdn; + static dns_rdata_isdn_t isdn; result = dns_rdata_tostruct(rdata, sp = &isdn, mctx); break; } case dns_rdatatype_key: { - dns_rdata_key_t key; + static dns_rdata_key_t key; result = dns_rdata_tostruct(rdata, sp = &key, mctx); break; } case dns_rdatatype_kx: { - dns_rdata_in_kx_t in_kx; + static dns_rdata_in_kx_t in_kx; result = dns_rdata_tostruct(rdata, sp = &in_kx, mctx); break; } case dns_rdatatype_loc: { - dns_rdata_loc_t loc; + static dns_rdata_loc_t loc; result = dns_rdata_tostruct(rdata, sp = &loc, mctx); break; } case dns_rdatatype_mb: { - dns_rdata_mb_t mb; + static dns_rdata_mb_t mb; result = dns_rdata_tostruct(rdata, sp = &mb, mctx); break; } case dns_rdatatype_md: { - dns_rdata_md_t md; + static dns_rdata_md_t md; result = dns_rdata_tostruct(rdata, sp = &md, mctx); break; } case dns_rdatatype_mf: { - dns_rdata_mf_t mf; + static dns_rdata_mf_t mf; result = dns_rdata_tostruct(rdata, sp = &mf, mctx); break; } case dns_rdatatype_mg: { - dns_rdata_mg_t mg; + static dns_rdata_mg_t mg; result = dns_rdata_tostruct(rdata, sp = &mg, mctx); break; } case dns_rdatatype_minfo: { - dns_rdata_minfo_t minfo; + static dns_rdata_minfo_t minfo; result = dns_rdata_tostruct(rdata, sp = &minfo, mctx); break; } case dns_rdatatype_mr: { - dns_rdata_mr_t mr; + static dns_rdata_mr_t mr; result = dns_rdata_tostruct(rdata, sp = &mr, mctx); break; } case dns_rdatatype_mx: { - dns_rdata_mx_t mx; + static dns_rdata_mx_t mx; result = dns_rdata_tostruct(rdata, sp = &mx, mctx); break; } case dns_rdatatype_naptr: { - dns_rdata_naptr_t naptr; + static dns_rdata_naptr_t naptr; result = dns_rdata_tostruct(rdata, sp = &naptr, mctx); break; } case dns_rdatatype_ns: { - dns_rdata_ns_t ns; + static dns_rdata_ns_t ns; result = dns_rdata_tostruct(rdata, sp = &ns, mctx); break; } case dns_rdatatype_nsap: { - dns_rdata_in_nsap_t in_nsap; + static dns_rdata_in_nsap_t in_nsap; result = dns_rdata_tostruct(rdata, sp = &in_nsap, mctx); break; } case dns_rdatatype_nsap_ptr: { - dns_rdata_in_nsap_ptr_t in_nsap_ptr; + static dns_rdata_in_nsap_ptr_t in_nsap_ptr; result = dns_rdata_tostruct(rdata, sp = &in_nsap_ptr, mctx); break; } case dns_rdatatype_null: { - dns_rdata_null_t null; + static dns_rdata_null_t null; result = dns_rdata_tostruct(rdata, sp = &null, mctx); break; } case dns_rdatatype_nxt: { - dns_rdata_nxt_t nxt; + static dns_rdata_nxt_t nxt; result = dns_rdata_tostruct(rdata, sp = &nxt, mctx); break; } case dns_rdatatype_opt: { - dns_rdata_opt_t opt; + static dns_rdata_opt_t opt; result = dns_rdata_tostruct(rdata, sp = &opt, mctx); break; } case dns_rdatatype_ptr: { - dns_rdata_ptr_t ptr; + static dns_rdata_ptr_t ptr; result = dns_rdata_tostruct(rdata, sp = &ptr, mctx); break; } case dns_rdatatype_px: { - dns_rdata_in_px_t in_px; + static dns_rdata_in_px_t in_px; result = dns_rdata_tostruct(rdata, sp = &in_px, mctx); break; } case dns_rdatatype_rp: { - dns_rdata_rp_t rp; + static dns_rdata_rp_t rp; result = dns_rdata_tostruct(rdata, sp = &rp, mctx); break; } case dns_rdatatype_rt: { - dns_rdata_rt_t rt; + static dns_rdata_rt_t rt; result = dns_rdata_tostruct(rdata, sp = &rt, mctx); break; } case dns_rdatatype_sig: { - dns_rdata_sig_t sig; + static dns_rdata_sig_t sig; result = dns_rdata_tostruct(rdata, sp = &sig, mctx); break; } case dns_rdatatype_soa: { - dns_rdata_soa_t soa; + static dns_rdata_soa_t soa; result = dns_rdata_tostruct(rdata, sp = &soa, mctx); break; } case dns_rdatatype_srv: { - dns_rdata_in_srv_t in_srv; + static dns_rdata_in_srv_t in_srv; result = dns_rdata_tostruct(rdata, sp = &in_srv, mctx); break; } case dns_rdatatype_tkey: { - dns_rdata_tkey_t tkey; + static dns_rdata_tkey_t tkey; result = dns_rdata_tostruct(rdata, sp = &tkey, mctx); break; } case dns_rdatatype_tsig: { - dns_rdata_any_tsig_t tsig; + static dns_rdata_any_tsig_t tsig; result = dns_rdata_tostruct(rdata, sp = &tsig, mctx); break; } case dns_rdatatype_txt: { - dns_rdata_txt_t txt; + static dns_rdata_txt_t txt; result = dns_rdata_tostruct(rdata, sp = &txt, mctx); break; } case dns_rdatatype_spf: { - dns_rdata_spf_t spf; + static dns_rdata_spf_t spf; result = dns_rdata_tostruct(rdata, sp = &spf, mctx); break; } case dns_rdatatype_unspec: { - dns_rdata_unspec_t unspec; + static dns_rdata_unspec_t unspec; result = dns_rdata_tostruct(rdata, sp = &unspec, mctx); break; } case dns_rdatatype_uri: { - dns_rdata_uri_t uri; + static dns_rdata_uri_t uri; result = dns_rdata_tostruct(rdata, sp = &uri, mctx); break; } case dns_rdatatype_wks: { - dns_rdata_in_wks_t in_wks; + static dns_rdata_in_wks_t in_wks; result = dns_rdata_tostruct(rdata, sp = &in_wks, mctx); break; } case dns_rdatatype_x25: { - dns_rdata_x25_t x25; + static dns_rdata_x25_t x25; result = dns_rdata_tostruct(rdata, sp = &x25, mctx); break; } case dns_rdatatype_nsec: { - dns_rdata_nsec_t nsec; + static dns_rdata_nsec_t nsec; result = dns_rdata_tostruct(rdata, sp = &nsec, mctx); break; } case dns_rdatatype_rrsig: { - dns_rdata_rrsig_t rrsig; + static dns_rdata_rrsig_t rrsig; result = dns_rdata_tostruct(rdata, sp = &rrsig, mctx); break; } case dns_rdatatype_dnskey: { - dns_rdata_dnskey_t dnskey; + static dns_rdata_dnskey_t dnskey; result = dns_rdata_tostruct(rdata, sp = &dnskey, mctx); break; } diff --git a/bin/tests/sock_test.c b/bin/tests/sock_test.c index c9612f7894..2693d852ea 100644 --- a/bin/tests/sock_test.c +++ b/bin/tests/sock_test.c @@ -205,8 +205,9 @@ my_listen(isc_task_t *task, isc_event_t *event) { /* * Queue another listen on this socket. */ - isc_socket_accept(event->ev_sender, task, my_listen, - event->ev_arg); + RUNTIME_CHECK(isc_socket_accept(event->ev_sender, task, + my_listen, event->ev_arg) + == ISC_R_SUCCESS); region.base = isc_mem_get(mctx, 20); region.length = 20; diff --git a/bin/tests/zone_test.c b/bin/tests/zone_test.c index 8ce005d042..dcf9a6365e 100644 --- a/bin/tests/zone_test.c +++ b/bin/tests/zone_test.c @@ -261,8 +261,12 @@ main(int argc, char **argv) { case 'm': memset(&addr, 0, sizeof(addr)); addr.type.sin.sin_family = AF_INET; - inet_pton(AF_INET, isc_commandline_argument, - &addr.type.sin.sin_addr); + if (inet_pton(AF_INET, isc_commandline_argument, + &addr.type.sin.sin_addr) != 1) { + fprintf(stderr, "bad master address '%s'\n", + isc_commandline_argument); + exit(1); + } addr.type.sin.sin_port = htons(53); break; case 'q': diff --git a/lib/dns/private.c b/lib/dns/private.c index 6913a1446d..6521279f2d 100644 --- a/lib/dns/private.c +++ b/lib/dns/private.c @@ -299,6 +299,9 @@ isc_result_t dns_private_totext(dns_rdata_t *private, isc_buffer_t *buf) { isc_result_t result; + if (private->length < 5) + return (ISC_R_NOTFOUND); + if (private->data[0] == 0) { unsigned char nsec3buf[DNS_NSEC3PARAM_BUFFERSIZE]; unsigned char newbuf[DNS_NSEC3PARAM_BUFFERSIZE]; @@ -339,7 +342,7 @@ dns_private_totext(dns_rdata_t *private, isc_buffer_t *buf) { if (remove && !nonsec) isc_buffer_putstr(buf, " / creating NSEC chain"); - } else { + } else if (private->length == 5) { unsigned char alg = private->data[0]; dns_keytag_t keyid = (private->data[2] | private->data[1] << 8); char keybuf[BUFSIZ], algbuf[DNS_SECALG_FORMATSIZE]; @@ -358,7 +361,8 @@ dns_private_totext(dns_rdata_t *private, isc_buffer_t *buf) { dns_secalg_format(alg, algbuf, sizeof(algbuf)); sprintf(keybuf, "key %d/%s", keyid, algbuf); isc_buffer_putstr(buf, keybuf); - } + } else + return (ISC_R_NOTFOUND); isc_buffer_putuint8(buf, 0); result = ISC_R_SUCCESS; diff --git a/lib/dns/tests/private_test.c b/lib/dns/tests/private_test.c index 7e81122ded..f00b60dec2 100644 --- a/lib/dns/tests/private_test.c +++ b/lib/dns/tests/private_test.c @@ -59,7 +59,7 @@ typedef struct { */ static void make_signing(signing_testcase_t *testcase, dns_rdata_t *private, - unsigned char *buf) + unsigned char *buf, size_t len) { dns_rdata_init(private); @@ -69,7 +69,7 @@ make_signing(signing_testcase_t *testcase, dns_rdata_t *private, buf[3] = testcase->remove; buf[4] = testcase->complete; private->data = buf; - private->length = sizeof(buf); + private->length = len; private->type = privatetype; private->rdclass = dns_rdataclass_in; } @@ -161,7 +161,7 @@ ATF_TC_BODY(private_signing_totext, tc) { isc_buffer_init(&buf, output, sizeof(output)); - make_signing(&testcases[i], &private, data); + make_signing(&testcases[i], &private, data, sizeof(data)); dns_private_totext(&private, &buf); ATF_CHECK_STREQ(output, results[i]); } diff --git a/lib/dns/xfrin.c b/lib/dns/xfrin.c index 739187b29b..6ff40c7643 100644 --- a/lib/dns/xfrin.c +++ b/lib/dns/xfrin.c @@ -588,7 +588,7 @@ xfr_rr(dns_xfrin_ctx_t *xfr, dns_name_t *name, isc_uint32_t ttl, case XFRST_AXFR_END: case XFRST_IXFR_END: FAIL(DNS_R_EXTRADATA); - break; + /* NOTREACHED */ default: INSIST(0); break; diff --git a/lib/dns/zone.c b/lib/dns/zone.c index b3eed83898..e5d24ece66 100644 --- a/lib/dns/zone.c +++ b/lib/dns/zone.c @@ -3260,7 +3260,8 @@ load_secroots(dns_zone_t *zone, dns_name_t *name, dns_rdataset_t *rdataset) { dns_rdataset_current(rdataset, &rdata); /* Convert rdata to keydata. */ - dns_rdata_tostruct(&rdata, &keydata, NULL); + result = dns_rdata_tostruct(&rdata, &keydata, NULL); + RUNTIME_CHECK(result == ISC_R_SUCCESS); /* Set the key refresh timer. */ set_refreshkeytimer(zone, &keydata, now); @@ -8150,7 +8151,8 @@ keyfetch_done(isc_task_t *task, isc_event_t *event) { dns_rdata_reset(&dnskeyrr); dns_rdataset_current(&kfetch->dnskeyset, &dnskeyrr); - dns_rdata_tostruct(&dnskeyrr, &dnskey, NULL); + result = dns_rdata_tostruct(&dnskeyrr, &dnskey, NULL); + RUNTIME_CHECK(result == ISC_R_SUCCESS); /* Skip ZSK's */ if (!ISC_TF(dnskey.flags & DNS_KEYFLAG_KSK)) @@ -12667,7 +12669,8 @@ checkandaddsoa(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, result = dns_rdataset_first(rdataset); RUNTIME_CHECK(result == ISC_R_SUCCESS); dns_rdataset_current(rdataset, &rdata); - dns_rdata_tostruct(&rdata, &soa, NULL); + result = dns_rdata_tostruct(&rdata, &soa, NULL); + RUNTIME_CHECK(result == ISC_R_SUCCESS); if (isc_serial_gt(soa.serial, oldserial)) return (dns_db_addrdataset(db, node, version, 0, rdataset, 0,