[Bug 1281] getrrsetbyname() does not check the presence of SIG records

bugzilla-daemon at mindrot.org
Sat Feb 10 00:54:28 EST 2007


http://bugzilla.mindrot.org/show_bug.cgi?id=1281

           Summary: getrrsetbyname() does not check the presence of SIG
                    records
           Product: Portable OpenSSH
           Version: 4.4p1
          Platform: Alpha
        OS/Version: other
            Status: NEW
          Severity: normal
          Priority: P2
         Component: ssh
        AssignedTo: bitbucket at mindrot.org
        ReportedBy: svallet at genoscope.cns.fr


In getrrsetbyname(), the value of rrset->rri_nsigs is not checked
before calling calloc() to initialize rrset->rri_sigs -- this is a
problem when rri_nsigs is 0, since calloc() returns a null pointer on
some OSes when asked to allocate 0 bytes.

Quoting POSIX regarding calloc():
"If the size of the space requested is 0, the behavior is
implementation-defined: the value returned shall be either a null
pointer or a unique pointer."

Tru64 5.1A, for example, does return NULL in this case -- see
http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=117098800530793

A minimal patch against 4.4p1 is attached.




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
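
Added example, not part of the bug report or the attached patch: the failure mode described above, next to a guarded allocation. Only rri_nsigs and rri_sigs are names from the report; the struct layouts, function names and the calloc_null_on_zero() allocator (which models a platform that returns NULL for a zero-size request) are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Simplified stand-in types, assumed for this example. */
struct rdatainfo { unsigned int rdi_length; unsigned char *rdi_data; };
struct rrsetinfo { unsigned int rri_nsigs; struct rdatainfo *rri_sigs; };

typedef void *(*calloc_fn)(size_t, size_t);

/* Constructed allocator: returns NULL for a zero-size request, which
 * POSIX permits, so the example behaves the same on every platform. */
static void *calloc_null_on_zero(size_t n, size_t size)
{
    if (n == 0 || size == 0)
        return NULL;
    return calloc(n, size);
}

/* Unguarded pattern: any NULL result is read as "out of memory",
 * so an answer with no SIG records is rejected on such platforms. */
static int alloc_sigs_unguarded(struct rrsetinfo *rrset, calloc_fn alloc)
{
    rrset->rri_sigs = alloc(rrset->rri_nsigs, sizeof(struct rdatainfo));
    return rrset->rri_sigs == NULL ? -1 : 0;
}

/* Guarded pattern: zero signatures means nothing to allocate, not an
 * error. Callers must use rri_nsigs as the loop bound for rri_sigs. */
static int alloc_sigs_guarded(struct rrsetinfo *rrset, calloc_fn alloc)
{
    rrset->rri_sigs = NULL;
    if (rrset->rri_nsigs == 0)
        return 0;
    rrset->rri_sigs = alloc(rrset->rri_nsigs, sizeof(struct rdatainfo));
    return rrset->rri_sigs == NULL ? -1 : 0;
}

int main(void)
{
    struct rrsetinfo unsigned_answer = { 0, NULL };

    printf("unguarded, 0 sigs: %d\n",
        alloc_sigs_unguarded(&unsigned_answer, calloc_null_on_zero));
    printf("guarded,   0 sigs: %d\n",
        alloc_sigs_guarded(&unsigned_answer, calloc_null_on_zero));
    return 0;
}
```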

