From: Yang Tse Date: Wed, 26 Nov 2008 17:04:35 +0000 (+0000) Subject: Gerald Combs fixed a bug in ares_parse_ptr_reply() which would cause a X-Git-Tag: cares-1_6_0~40 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=67fb731ec495b9bcc2e16ba48a39f13362a3a6db;p=curl Gerald Combs fixed a bug in ares_parse_ptr_reply() which would cause a buffer to shrink instead of expand if a reply contained 8 or more records. --- diff --git a/ares/CHANGES b/ares/CHANGES index 4c6b7b228..fcc41f04a 100644 --- a/ares/CHANGES +++ b/ares/CHANGES @@ -3,6 +3,9 @@ * Nov 26 2008 (Yang Tse) - Brad Spencer provided changes to allow buildconf to work on OS X. +- Gerald Combs fixed a bug in ares_parse_ptr_reply() which would cause a + buffer to shrink instead of expand if a reply contained 8 or more records. + * Nov 25 2008 (Yang Tse) - In preparation for the upcomming IPv6 nameservers patch, the internal ares_addr union is now changed into an internal struct which also holds diff --git a/ares/ares_parse_ptr_reply.c b/ares/ares_parse_ptr_reply.c index c5d8e14c8..54fb560b0 100644 --- a/ares/ares_parse_ptr_reply.c +++ b/ares/ares_parse_ptr_reply.c @@ -55,6 +55,7 @@ int ares_parse_ptr_reply(const unsigned char *abuf, int alen, const void *addr, char *ptrname, *hostname, *rr_name, *rr_data; struct hostent *hostent; int aliascnt = 0; + int alias_alloc = 8; char ** aliases; /* Set *host to NULL for all failure cases. */ @@ -84,7 +85,7 @@ int ares_parse_ptr_reply(const unsigned char *abuf, int alen, const void *addr, /* Examine each answer resource record (RR) in turn. */ hostname = NULL; - aliases = malloc(8 * sizeof(char *)); + aliases = malloc(alias_alloc * sizeof(char *)); if (!aliases) { free(ptrname); @@ -125,9 +126,10 @@ int ares_parse_ptr_reply(const unsigned char *abuf, int alen, const void *addr, } strncpy(aliases[aliascnt], rr_data, strlen(rr_data)+1); aliascnt++; - if ((aliascnt%8)==0) { + if (aliascnt >= alias_alloc) { char **ptr; - ptr = realloc(aliases, (aliascnt/16+1) * sizeof(char *)); + alias_alloc *= 2; + ptr = realloc(aliases, alias_alloc * sizeof(char *)); if(!ptr) { status = ARES_ENOMEM; break;