Nmap Development mailing list archives

[PATCH] Check maxlen only once in loop in parse_inaddr_arpa() in nmap_dns.cc


From: Kris Katterjohn <kjak () ispwest com>
Date: Fri, 01 Sep 2006 13:33:28 -0500

The attached patch moves the first 'if (maxlen <= 0) return 0;' outside
the loop in parse_inaddr_arpa() in nmap_dns.cc so it's only done once.

Old loop:

  for (i=0; i<=3; i++) {
    if (maxlen <= 0) return 0;

    if (buf[0] < 1 || buf[0] > 3) return 0;

    maxlen -= buf[0] + 1;
    if (maxlen <= 0) return 0;

    for (j=1; j<=buf[0]; j++) if (!isdigit(buf[j])) return 0;

    ip |= atoi((char *) buf+1) << (8*i);
    buf += buf[0] + 1;
  }

As you can see, maxlen only needs to be tested <= 0 before the loop and
after it's modified in the loop instead of twice in the loop.

It's a diff against 4.20ALPHA5.

Thanks,
Kris Katterjohn
--- x/nmap_dns.cc       2006-08-28 23:02:35.000000000 -0500
+++ y/nmap_dns.cc       2006-09-01 13:21:01.000000000 -0500
@@ -569,9 +569,9 @@ static u32 parse_inaddr_arpa(unsigned ch
   u32 ip=0;
   int i, j;
 
-  for (i=0; i<=3; i++) {
-    if (maxlen <= 0) return 0;
+  if (maxlen <= 0) return 0;
 
+  for (i=0; i<=3; i++) {
     if (buf[0] < 1 || buf[0] > 3) return 0;
 
     maxlen -= buf[0] + 1;
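
Review bot: With the guard hoisted above `for (i=0; i<=3; i++)`, the `buf[0]` read at the top of the second and later iterations is bounded only by the second `if (maxlen <= 0) return 0;` that follows `maxlen -= buf[0] + 1;`. That check appears in the old loop quoted in the message, just past the end of this hunk. The change preserves behaviour only while that check stays directly after the decrement. Please add a one-line comment on it saying that it also guards the next iteration's length-byte read, so a later cleanup does not drop it as a duplicate of the hoisted test.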

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
