From mboxrd@z Thu Jan  1 00:00:00 1970
Message-ID: <77e5af21864417917c398575fb84095d@rei2.9hal>
Date: Wed, 22 Aug 2012 12:32:42 +0200
From: cinap_lenrek@gmx.de
To: 9fans@9fans.net
In-Reply-To: <7923a269495e9abf153363f63d452d3c@ladd.quanstro.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Subject: Re: [9fans] dns
Topicbox-Message-UUID: ad9898f0-ead7-11e9-9d60-3106f5b1d025

wait, Maxdest is a count, see:

dest = emalloc(Maxdest * sizeof *dest);	/* dest can't be on stack */

code like:

Dest	*curdest;	/* pointer to next to fill */

p = dp->dest;
...
if (qp->ndest > qp->curdest - p) {

and

for(p = qp->dest; p < qp->curdest; p++)

indicates that dp->curdest is an end pointer. so it should be perfectly valid
for it to point at &dp->dest[Maxdest].

the check at the top of serveraddrs() should really be:

if(nd >= Maxdest)		/* dest array is full? */
	return Maxdest;

serveraddr() really returns a count. which is the same as an
end pointer index.

the result check of that serveraddr() call should really be:

		if (j < 0 || j > Maxdest) {
			dnslog("serveraddrs() result %d out of range", j);
			abort();
		}
		qp->curdest = &qp->dest[j];

and the destck(dp->curdest); should be removed.

--- a/sys/src/cmd/ndb/dnresolve.c	Wed Aug 22 00:11:42 2012 +0200
+++ b/sys/src/cmd/ndb/dnresolve.c	Wed Aug 22 12:28:34 2012 +0200
@@ -832,7 +832,7 @@
 	Dest *cur;

 	if(nd >= Maxdest)		/* dest array is full? */
-		return Maxdest - 1;
+		return Maxdest;

 	/*
 	 *  look for a server whose address we already know.
@@ -1080,13 +1080,12 @@
 	 */
 	if (qp->ndest > qp->curdest - p) {
 		j = serveraddrs(qp, qp->curdest - p, depth);
-		if (j < 0 || j >= Maxdest) {
+		if (j < 0 || j > Maxdest) {
 			dnslog("serveraddrs() result %d out of range", j);
 			abort();
 		}
 		qp->curdest = &qp->dest[j];
 	}
-	destck(qp->curdest);

 	/* no servers, punt */
 	if (qp->ndest == 0)

--
cinap