William Ahern:

I'm not quite sure how this was happening, but I've been seeing PTR queries which seem to return empty responses. At least, they were empty when calling ares_expand_name() on the record. Here's a patch which guarantees to NUL-terminate the expanded name. The old behavior failed to NUL-terminate if len was 0, and this was causing strlen() to run past the end of the buffer after calling ares_expand_name() and getting ARES_SUCCESS as the return value. If q is not greater than *s then it's equal and *s is always allocated with at least one byte.
author: Daniel Stenberg <daniel@haxx.se> 2005-06-02 11:09:10 +0000
committer: Daniel Stenberg <daniel@haxx.se> 2005-06-02 11:09:10 +0000
commit: ae75ee14234b6d1b22832081d7dbd1d281c955cb (patch)
tree: b641bfa28499203afe48417b389500b6bf35e17e /ares_expand_name.c
parent: 209b6c1af7093fd0990552e7288f05f33cd1b127 (diff)
download: c-ares-ae75ee14234b6d1b22832081d7dbd1d281c955cb.tar.gz
c-ares-ae75ee14234b6d1b22832081d7dbd1d281c955cb.tar.bz2
c-ares-ae75ee14234b6d1b22832081d7dbd1d281c955cb.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/ares_expand_name.c b/ares_expand_name.c
index 114d0c5..8c5be9b 100644
--- a/ares_expand_name.c
+++ b/ares_expand_name.c
@@ -106,6 +106,8 @@ int ares_expand_name(const unsigned char *encoded, const unsigned char *abuf,
   /* Nuke the trailing period if we wrote one. */
   if (q > *s)
     *(q - 1) = 0;
+  else
+    *q = 0; /* zero terminate */
 
   return ARES_SUCCESS;
 }
author	Daniel Stenberg <daniel@haxx.se>	2005-06-02 11:09:10 +0000
committer	Daniel Stenberg <daniel@haxx.se>	2005-06-02 11:09:10 +0000
commit	ae75ee14234b6d1b22832081d7dbd1d281c955cb (patch)
tree	b641bfa28499203afe48417b389500b6bf35e17e /ares_expand_name.c
parent	209b6c1af7093fd0990552e7288f05f33cd1b127 (diff)
download	c-ares-ae75ee14234b6d1b22832081d7dbd1d281c955cb.tar.gz c-ares-ae75ee14234b6d1b22832081d7dbd1d281c955cb.tar.bz2 c-ares-ae75ee14234b6d1b22832081d7dbd1d281c955cb.zip