* Michael Tokarev: >> udns doesn't handle truncation, so it won't play well with the >> PowerDNS recursor (which doesn't support EDNS). > > One of the limitations of simplicity of design - only one > socket and it's obviously UDP. With deployment of DNSSEC > everywhere EDNS support becomes a requiriment, because of > the size of DNSSEC records, so this problem becomes less > and less of an issue. Yes I understand this is where > udns does not conform to standards.
>> The domain name parser triggers undefined behavior for certain inputs >> because it performs out-of-bound pointer arithmetic. This is unlikely >> to cause practical problems with current GCC versions (but LTO might >> change this). > > And here goes my main question. > > http://www.corpit.ru/mjt/udns_dn.c is the code in question, the > domain parser. Florian, can you please tell me where do you think > it performs such oob arith? I think I was referring to loop exit conditions such as: while(--s >= (dnscc_t *)addr) { These are problematic if the compiler can prove that addr does not point into an array of suitable struct ?_addr objects. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
