diff options
author | Daniel Stenberg <daniel@haxx.se> | 2005-06-02 11:09:10 +0000 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2005-06-02 11:09:10 +0000 |
commit | ae75ee14234b6d1b22832081d7dbd1d281c955cb (patch) | |
tree | b641bfa28499203afe48417b389500b6bf35e17e /ares_expand_name.c | |
parent | 209b6c1af7093fd0990552e7288f05f33cd1b127 (diff) | |
download | c-ares-ae75ee14234b6d1b22832081d7dbd1d281c955cb.tar.gz c-ares-ae75ee14234b6d1b22832081d7dbd1d281c955cb.tar.bz2 c-ares-ae75ee14234b6d1b22832081d7dbd1d281c955cb.zip |
William Ahern:
I'm not quite sure how this was happening, but I've been seeing PTR queries
which seem to return empty responses. At least, they were empty when calling
ares_expand_name() on the record. Here's a patch which guarantees to
NUL-terminate the expanded name. The old behavior failed to NUL-terminate if
len was 0, and this was causing strlen() to run past the end of the buffer
after calling ares_expand_name() and getting ARES_SUCCESS as the return
value. If q is not greater than *s then it's equal and *s is always
allocated with at least one byte.
Diffstat (limited to 'ares_expand_name.c')
-rw-r--r-- | ares_expand_name.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/ares_expand_name.c b/ares_expand_name.c index 114d0c5..8c5be9b 100644 --- a/ares_expand_name.c +++ b/ares_expand_name.c @@ -106,6 +106,8 @@ int ares_expand_name(const unsigned char *encoded, const unsigned char *abuf, /* Nuke the trailing period if we wrote one. */ if (q > *s) *(q - 1) = 0; + else + *q = 0; /* zero terminate */ return ARES_SUCCESS; } |