  • #403
Closed
Open
Issue created Jul 11, 2018 by Ghost User@ghost

Missing Sanity Check for call to next_token() in file 'dig.c'

Bill Parker (wp02855@gmail.com)

Summary

In BIND 9.12.1-P2, in directory 'bin/dig', file 'dig.c', in function 'plus_option' at approximately line 1002, there is a call to next_token() which is not checked for a return value of NULL, which could result in a possible dereference.

Steps to reproduce

N/A

What is the current bug behavior?

Code does not sanity check call(s) to next_token()...

What is the expected correct behavior?

Add test to code to check for return value of NULL.

Relevant configuration files

N/A

Relevant logs and/or screenshots

N/A

Possible fixes

Code Listed Below and Attached to this Issue report:

Add test to code to check for return value of NULL.

--- dig.c.orig 2018-07-10 19:32:16.266716156 -0700 +++ dig.c 2018-07-10 19:35:42.855335607 -0700 @@ -1003,6 +1003,11 @@ goto exit_or_usage; } code = next_token(&value, ":");

  •                                           if (code == NULL) {
  •                                                   warn("ednsopt not "
  •                                                        "specified");
  •                                                   goto exit_of_usage;
  •                                           }
                                              save_opt(lookup, code, value);
                                              break;
                                      default:
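
Review bot: the added `goto exit_of_usage;` inside the new `if (code == NULL)` branch targets a label that does not match the one used by the unchanged context line just above it, which jumps to `exit_or_usage`. This looks like a typo that would fail to compile, so the jump should read `goto exit_or_usage;`. Separately, the new check covers only `code`: `value` is still handed to `save_opt(lookup, code, value)` after `next_token(&value, ":")` has advanced it, so it is worth confirming that `save_opt` copes with whatever `value` holds when the argument has no `:` part, or adding a check for that case as well.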

dig.c.patch
