Hi.
I did a version diff scan between 2.68 and 2.69rc1 version.
From my point of view there is one thing worth of fixing,
I'm attaching the patch.
I'm also attaching the coverity scan log.
Regards,
Tomas Hozza
csdiff_dnsmasq_2.68-2.69rc1.err
Description: Binary data
From d9eb8adbcaec4018f9d39d676d32a02c16f22371 Mon Sep 17 00:00:00 2001
From: Tomas Hozza tho...@redhat.com
Date: Mon, 24 Mar 2014 14:43:14 +0100
Subject: [PATCH] Add check for the return value of recvfrom.
recvfrom return signed value which is then passed to functions
that take unsigned value as an argument.
Coverity log:
Error: NEGATIVE_RETURNS (CWE-394):
dnsmasq-2.69rc1/src/forward.c:683: negative_return_fn: Function
recvfrom(fd, dnsmasq_daemon-packet, dnsmasq_daemon-packet_buff_sz, 0,
__SOCKADDR_ARG({ .__sockaddr__ = serveraddr.sa}), addrlen) returns a
negative number.
dnsmasq-2.69rc1/src/forward.c:683: var_assign: Assigning: signed
variable n = recvfrom(int, void * restrict, size_t, int,
__SOCKADDR_ARG, socklen_t * restrict).
dnsmasq-2.69rc1/src/forward.c:713: negative_returns: n is passed to a
parameter that cannot be negative.
dnsmasq-2.69rc1/src/rfc1035.c:364:62: sizet: plen is a size_t
parameter.
Signed-off-by: Tomas Hozza tho...@redhat.com
---
src/forward.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/src/forward.c b/src/forward.c
index 3f4ec62..e4690a0 100644
--- a/src/forward.c
+++ b/src/forward.c
@@ -688,6 +688,12 @@ void reply_query(int fd, int family, time_t now)
unsigned int crc;
#endif
+ if (n 0)
+{
+ my_syslog(LOG_WARNING, _(Failed to receive DNS reply from remote server - (%d) %s), errno, strerror(errno));
+ return;
+}
+
/* packet buffer overwritten */
daemon-srv_save = NULL;
--
1.8.5.3
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss