From 2eddee1ce8e3a644b73e03b65e8d4a3ccd024c76 Mon Sep 17 00:00:00 2001
From: Pierre Habouzit <madcoder@debian.org>
Date: Tue, 7 Oct 2008 10:46:35 +0200
Subject: [PATCH] Force the final dot, even if not provided in the
 configuration for RBLs.

Note: the len - 2 and len - 1 are safe because each format will always
write more than 2 chars in the buffer.

We also check for overflow at the same time.

Signed-off-by: Pierre Habouzit <madcoder@debian.org>
---
 common/rbl.c | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)

diff --git a/common/rbl.c b/common/rbl.c
index 0ae4979..1f2f442 100644
--- a/common/rbl.c
+++ b/common/rbl.c
@@ -56,15 +56,27 @@ static inline rbl_result_t rbl_dns_check(const char *hostname)
 rbl_result_t rbl_check(const char *rbl, uint32_t ip)
 {
     char host[257];
-    snprintf(host, 257, "%d.%d.%d.%d.%s",
-             ip & 0xff, (ip >> 8) & 0xff, (ip >> 16) & 0xff, (ip >> 24) & 0xff,
-             rbl);
+    int len;
+
+    len = snprintf(host, 257, "%d.%d.%d.%d.%s.",
+                   ip & 0xff, (ip >> 8) & 0xff, (ip >> 16) & 0xff, (ip >> 24) & 0xff,
+                   rbl);
+    if (len >= (int)sizeof(host))
+        return RBL_ERROR;
+    if (host[len - 2] == '.')
+        host[len - 1] = '\0';
     return rbl_dns_check(host);
 }
 
 rbl_result_t rhbl_check(const char *rhbl, const char *hostname)
 {
     char host[257];
-    snprintf(host, 257, "%s.%s", hostname, rhbl);
+    int len;
+
+    len = snprintf(host, 257, "%s.%s.", hostname, rhbl);
+    if (len >= (int)sizeof(host))
+        return RBL_ERROR;
+    if (host[len - 2] == '.')
+        host[len - 1] = '\0';
     return rbl_dns_check(host);
 }
-- 
2.20.1