Avoid a segfault when generating a DNS "Transaction ID" in internal

function init_id_key() under low memory conditions.

diff --git a/ares/CHANGES b/ares/CHANGES
index 2a94acf9e6cda66fb3967b22ea87e1ab0521e6d0..f7a9ca6cf117f4e35c63597fbe9809d244c3fc48 100644 (file)
--- a/ares/CHANGES
+++ b/ares/CHANGES
@@ -1,9 +1,13 @@
   Changelog for the c-ares project
 
 * October 2 2007 (Daniel Stenberg)
+
 - ares_strerror() segfaulted if the input error number was out of the currently
   supported range.
 
+- Yang Tse: Avoid a segfault when generating a DNS "Transaction ID" in
+  internal function init_id_key() under low memory conditions.
+
 * September 28 2007 (Daniel Stenberg)
 
 - Bumped version to 1.5.0 for next release and soname bumped to 2 due to ABI

diff --git a/ares/ares_init.c b/ares/ares_init.c
index c792f0a84b1aa03c620f32e54fbaf250f058fdec..e37ac7b6ecc248a86d7b4cdd989a134d747a7fee 100644 (file)
--- a/ares/ares_init.c
+++ b/ares/ares_init.c
@@ -75,7 +75,7 @@ static int config_nameserver(struct server_state **servers, int *nservers,
 static int set_search(ares_channel channel, const char *str);
 static int set_options(ares_channel channel, const char *str);
 static const char *try_option(const char *p, const char *q, const char *opt);
-static void init_id_key(rc4_key* key,int key_data_len);
+static int init_id_key(rc4_key* key,int key_data_len);
 
 #ifndef WIN32
 static int sortlist_alloc(struct apattern **sortlist, int *nsort, struct apattern *pat);
@@ -189,6 +189,18 @@ int ares_init_options(ares_channel *channelptr, struct ares_options *options,
       DEBUGF(fprintf(stderr, "Error: init_by_defaults failed: %s\n",
                      ares_strerror(status)));
   }
+
+  /* Generate random key */
+
+  if (status == ARES_SUCCESS) {
+    status = init_id_key(&channel->id_key, ARES_ID_KEY_LEN);
+    if (status == ARES_SUCCESS)
+      channel->next_id = ares__generate_new_id(&channel->id_key);
+    else
+      DEBUGF(fprintf(stderr, "Error: init_id_key failed: %s\n",
+                     ares_strerror(status)));
+  }
+
   if (status != ARES_SUCCESS)
     {
       /* Something failed; clean up memory we may have allocated. */
@@ -228,10 +240,6 @@ int ares_init_options(ares_channel *channelptr, struct ares_options *options,
       server->is_broken = 0;
     }
 
-  init_id_key(&channel->id_key, ARES_ID_KEY_LEN);
-
-  channel->next_id = ares__generate_new_id(&channel->id_key);
-
   *channelptr = channel;
   return ARES_SUCCESS;
 }
@@ -1345,7 +1353,7 @@ static void randomize_key(unsigned char* key,int key_data_len)
   }
 }
 
-static void init_id_key(rc4_key* key,int key_data_len)
+static int init_id_key(rc4_key* key,int key_data_len)
 {
   unsigned char index1;
   unsigned char index2;
@@ -1354,6 +1362,9 @@ static void init_id_key(rc4_key* key,int key_data_len)
   unsigned char *key_data_ptr = 0;
 
   key_data_ptr = calloc(1,key_data_len);
+  if (!key_data_ptr)
+    return ARES_ENOMEM;
+
   randomize_key(key->state,key_data_len);
   state = &key->state[0];
   for(counter = 0; counter < 256; counter++)
@@ -1372,7 +1383,7 @@ static void init_id_key(rc4_key* key,int key_data_len)
     index1 = (index1 + 1) % key_data_len;
   }
   free(key_data_ptr);
-
+  return ARES_SUCCESS;
 }
 
 short ares__generate_new_id(rc4_key* key)