Fix crash in resolver on memory allocation failure (bug 23005)
Commit Message
[BZ #23005]
* resolv/res_send.c (__res_context_send): Return ENOMEM if
allocation of private copy of nsaddr_list fails.
---
resolv/res_send.c | 5 +++++
1 file changed, 5 insertions(+)
Comments
On 03/27/2018 05:28 AM, Andreas Schwab wrote:
> [BZ #23005]
> * resolv/res_send.c (__res_context_send): Return ENOMEM if
> allocation of private copy of nsaddr_list fails.
> ---
> resolv/res_send.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/resolv/res_send.c b/resolv/res_send.c
> index dde0425a33..7debf143f7 100644
> --- a/resolv/res_send.c
> +++ b/resolv/res_send.c
> @@ -471,6 +471,11 @@ __res_context_send (struct resolv_context *ctx,
> '\0',
> sizeof (struct sockaddr_in6)
> - sizeof (struct sockaddr_in));
> + else
> + {
> + __set_errno (ENOMEM);
OK.
> + return -1;
OK, I reviewed the call chain to get there and it looks like -1 should
go all the way to the caller.
> + }
> }
> EXT(statp).nscount = statp->nscount;
> }
>
LGTM.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
@@ -471,6 +471,11 @@ __res_context_send (struct resolv_context *ctx,
'\0',
sizeof (struct sockaddr_in6)
- sizeof (struct sockaddr_in));
+ else
+ {
+ __set_errno (ENOMEM);
+ return -1;
+ }
}
EXT(statp).nscount = statp->nscount;
}