Skip to content

GitLab

Open
Created by Michal Nowak@mnowakOwner

CID 316506: Insecure data handling (TAINTED_SCALAR)

*** CID 316506:  Insecure data handling  (TAINTED_SCALAR)
/lib/dns/journal.c: 1855 in read_one_rr()
1849     	 */
1850     	if (isc_buffer_remaininglength(&j->it.source) != rdlen) {
1851     		FAIL(DNS_R_FORMERR);
1852     	}
1853     	isc_buffer_setactive(&j->it.source, rdlen);
1854     	dns_rdata_reset(&j->it.rdata);
>>>     CID 316506:  Insecure data handling  (TAINTED_SCALAR)
>>>     Passing tainted expression "j->it.source.active" to "dns_rdata_fromwire", which uses it as a loop boundary.
1855     	CHECK(dns_rdata_fromwire(&j->it.rdata, rdclass, rdtype, &j->it.source,
1856     				 &j->it.dctx, 0, &j->it.target));
1857     	j->it.ttl = ttl;
1858     
1859     	j->it.xpos += sizeof(journal_rawrrhdr_t) + rrhdr.size;
1860     	if (rdtype == dns_rdatatype_soa) {