Hi,
We noticed a small buglet in ares_search() when it gets an empty string as
input -- the single_domain() utility function in ares_search.c accesses
invalid memory (before the start of the string). I've attached a patch
below.
Regards,
David
----------------------------
diff --git a/ares_search.c b/ares_search.c
index ec07640..f9558a9 100644
--- a/ares_search.c
+++ b/ares_search.c
@@ -239,7 +239,7 @@ static int single_domain(ares_channel channel, const
char *name, char **s)
/* If the name contains a trailing dot, then the single query is the name
* sans the trailing dot.
*/
- if (name[len - 1] == '.')
+ if ((len > 0) && (name[len - 1] == '.'))
{
*s = strdup(name);
return (*s) ? ARES_SUCCESS : ARES_ENOMEM;
Received on 2013-11-12