Hi. I did a version diff scan between 2.68 and 2.69rc1 version. >From my point of view there is one thing worth of fixing, I'm attaching the patch.
I'm also attaching the coverity scan log. Regards, Tomas Hozza
csdiff_dnsmasq_2.68-2.69rc1.err
Description: Binary data
From d9eb8adbcaec4018f9d39d676d32a02c16f22371 Mon Sep 17 00:00:00 2001
From: Tomas Hozza <tho...@redhat.com>
Date: Mon, 24 Mar 2014 14:43:14 +0100
Subject: [PATCH] Add check for the return value of recvfrom.
recvfrom return signed value which is then passed to functions
that take unsigned value as an argument.
Coverity log:
Error: NEGATIVE_RETURNS (CWE-394):
dnsmasq-2.69rc1/src/forward.c:683: negative_return_fn: Function
"recvfrom(fd, dnsmasq_daemon->packet, dnsmasq_daemon->packet_buff_sz, 0,
__SOCKADDR_ARG({ .__sockaddr__ = &serveraddr.sa}), &addrlen)" returns a
negative number.
dnsmasq-2.69rc1/src/forward.c:683: var_assign: Assigning: signed
variable "n" = "recvfrom(int, void * restrict, size_t, int,
__SOCKADDR_ARG, socklen_t * restrict)".
dnsmasq-2.69rc1/src/forward.c:713: negative_returns: "n" is passed to a
parameter that cannot be negative.
dnsmasq-2.69rc1/src/rfc1035.c:364:62: sizet: "plen" is a size_t
parameter.
Signed-off-by: Tomas Hozza <tho...@redhat.com>
---
src/forward.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/forward.c b/src/forward.c
index 3f4ec62..e4690a0 100644
--- a/src/forward.c
+++ b/src/forward.c
@@ -688,6 +688,12 @@ void reply_query(int fd, int family, time_t now)
unsigned int crc;
#endif
+ if (n < 0)
+ {
+ my_syslog(LOG_WARNING, _("Failed to receive DNS reply from remote server - (%d) %s"), errno, strerror(errno));
+ return;
+ }
+
/* packet buffer overwritten */
daemon->srv_save = NULL;
--
1.8.5.3
_______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
