From 43a915a1b741b7c5bad2f622de90f353cdae7694 Mon Sep 17 00:00:00 2001
From: Khaidi Chu <i@2333.moe>
Date: Mon, 4 Feb 2019 10:38:07 +0800
Subject: [PATCH] fix: init bufp before reject .onion to make it can be free
 correctly (#241)

When querying a .onion domain, it returns directly without setting bufp to NULL. A subsequent free() that occurs can cause a segmentation fault.

Fix By: Khaidi Chu (@XadillaX)
---
 ares_create_query.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/ares_create_query.c b/ares_create_query.c
index 1606b1a1..9efce17c 100644
--- a/ares_create_query.c
+++ b/ares_create_query.c
@@ -94,14 +94,14 @@ int ares_create_query(const char *name, int dnsclass, int type,
   size_t buflen;
   unsigned char *buf;
 
-  /* Per RFC 7686, reject queries for ".onion" domain names with NXDOMAIN. */
-  if (ares__is_onion_domain(name))
-    return ARES_ENOTFOUND;
-
   /* Set our results early, in case we bail out early with an error. */
   *buflenp = 0;
   *bufp = NULL;
 
+  /* Per RFC 7686, reject queries for ".onion" domain names with NXDOMAIN. */
+  if (ares__is_onion_domain(name))
+    return ARES_ENOTFOUND;
+
   /* Allocate a memory area for the maximum size this packet might need. +2
    * is for the length byte and zero termination if no dots or ecscaping is
    * used.
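Review bot: Placing `*buflenp = 0; *bufp = NULL;` ahead of the `.onion` rejection makes that ordering a memory-safety invariant, but the comment above it ("in case we bail out early with an error") does not say so, and a later edit could again add an early return above the initialisation. I would reword it to `/* Initialise outputs before ANY return: callers may free(*bufp) on error, so it must never be left uninitialised. */`. Per the commit message the failure was a free() of a pointer that was never set, which is undefined behaviour and may corrupt allocator state rather than reliably crash. A regression test that passes a `.onion` name and asserts `*bufp == NULL` and `*buflenp == 0` alongside `ARES_ENOTFOUND` would therefore be worth adding. The callers are not visible here, and the body of ares_create_query starts and ends outside the hunk, so whether any other early return precedes these assignments should be checked in the full file.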