dirmngr: Do not use MAXDNAME.

* dirmngr/dns-stuff.c (getsrv): Replace MAXDNAME. * dirmngr/dns-stuff.h (MAXDNAME): Remove. (struct srventry): Use a fixed value instead of MAXDNAME. * dirmngr/http.c (connect_server): Use DIMof instead of MAXDNAME. Malloc a helper array. -- Depending on the order of included headers it might be that we allocate the array with a different size than what we test against in another module. To make it more robust we use the actual known size of checking. A better would be to use a linked list and avoid these large arrays. Signed-off-by: Werner Koch <wk@gnupg.org>
2025-01-05 12:31:50 +01:00 · 2015-10-22 09:52:51 +02:00 · 2015-10-22 09:52:51 +02:00 · e03a4a94bb
commit e03a4a94bb
parent 41bb01ae79
3 changed files with 20 additions and 15 deletions
--- a/dirmngr/dns-stuff.c
+++ b/dirmngr/dns-stuff.c
@ -651,7 +651,7 @@ getsrv (const char *name,struct srventry **list)
        struct srventry *srv = NULL;
        struct srventry *newlist;
-        if (strlen (answer->rrs.srvha[count].ha.host) >= MAXDNAME)
+        if (strlen (answer->rrs.srvha[count].ha.host) >= sizeof srv->target)
          {
            log_info ("hostname in SRV record too long - skipped\n");
            continue;
@ -747,7 +747,7 @@ getsrv (const char *name,struct srventry **list)
        /* Get the name.  2782 doesn't allow name compression, but
           dn_expand still works to pull the name out of the
           packet. */
-        rc = dn_expand(answer,emsg,pt,srv->target,MAXDNAME);
+        rc = dn_expand(answer,emsg,pt,srv->target, sizeof srv->target);
        if (rc == 1 && srv->target[0] == 0) /* "." */
          {
            xfree(*list);
--- a/dirmngr/dns-stuff.h
+++ b/dirmngr/dns-stuff.h
@ -71,18 +71,13 @@ struct dns_addrinfo_s
 };
 #ifndef MAXDNAME
 #define MAXDNAME 1025
 #endif
 struct srventry
 {
  unsigned short priority;
  unsigned short weight;
  unsigned short port;
  int run_count;
-  char target[MAXDNAME];
+  char target[1025];
 };
--- a/dirmngr/http.c
+++ b/dirmngr/http.c
@ -2251,13 +2251,23 @@ connect_server (const char *server, unsigned short port,
  if (srvtag)
    {
      /* We're using SRV, so append the tags. */
-      if (1+strlen (srvtag) + 6 + strlen (server) + 1 <= MAXDNAME)
+      if (1 + strlen (srvtag) + 6 + strlen (server) + 1
          <= DIMof (struct srventry, target))
 	{
-	  char srvname[MAXDNAME];
+	  char *srvname = xtrymalloc (DIMof (struct srventry, target));
          if (!srvname) /* Out of core */
            {
              serverlist = NULL;
              srvcount = 0;
            }
          else
            {
              stpcpy (stpcpy (stpcpy (stpcpy (srvname,"_"), srvtag),
                              "._tcp."), server);
              srvcount = getsrv (srvname, &serverlist);
              xfree (srvname);
            }
 	}
    }
 #else
@ -2273,8 +2283,8 @@ connect_server (const char *server, unsigned short port,
      if (!serverlist)
        return -1; /* Out of core.  */
      serverlist->port = port;
-      strncpy (serverlist->target, server, MAXDNAME);
+      strncpy (serverlist->target, server, DIMof (struct srventry, target));
-      serverlist->target[MAXDNAME-1] = '\0';
+      serverlist->target[DIMof (struct srventry, target)-1] = '\0';
      srvcount = 1;
    }