CID 316505: Insecure data handling (TAINTED_SCALAR) (#2425) · Issues · ISC Open Source Projects / BIND

CID 316505: Insecure data handling (TAINTED_SCALAR)

*** CID 316505:  Insecure data handling  (TAINTED_SCALAR)
/lib/dns/journal.c: 972 in journal_find()
966     		return (ISC_R_SUCCESS);
967     	}
968     
969     	current_pos = j->header.begin;
970     	index_find(j, serial, &current_pos);
971     
>>>     CID 316505:  Insecure data handling  (TAINTED_SCALAR)
>>>     Using tainted variable "current_pos.serial" as a loop boundary.
972     	while (current_pos.serial != serial) {
973     		if (DNS_SERIAL_GT(current_pos.serial, serial)) {
974     			return (ISC_R_NOTFOUND);
975     		}
976     		result = journal_next(j, &current_pos);
977     		if (result != ISC_R_SUCCESS) {