CID 316511: Insecure data handling (TAINTED_SCALAR)
*** CID 316511: Insecure data handling (TAINTED_SCALAR)
/lib/dns/rdata/generic/hip_55.c: 496 in casecompare_hip()
490 key_len = uint16_fromregion(&r1);
491 isc_region_consume(&r1, 2); /* key length */
492 isc_region_consume(&r2, 4);
493
494 INSIST(r1.length >= (unsigned)(hit_len + key_len));
495 INSIST(r2.length >= (unsigned)(hit_len + key_len));
>>> CID 316511: Insecure data handling (TAINTED_SCALAR)
>>> Passing tainted expression "hit_len + key_len" to "memcmp", which uses it as an offset.
496 order = memcmp(r1.base, r2.base, hit_len + key_len);
497 if (order != 0) {
498 return (order);
499 }
500 isc_region_consume(&r1, hit_len + key_len);
501 isc_region_consume(&r2, hit_len + key_len);
