From: W.C.A. Wijngaards <wouter@nlnetlabs.nl>
Date: Thu, 7 Mar 2024 08:10:46 +0000 (+0100)
Subject: - Fix CVE-2024-1931, Denial of service when trimming EDE text on
X-Git-Tag: release-1.19.2^0
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=5b37cd6e4cf1aafe0cce4de792c42bc5a0fcdf57;p=thirdparty%2Funbound.git

- Fix CVE-2024-1931, Denial of service when trimming EDE text on
  positive replies.
---

diff --git a/util/data/msgencode.c b/util/data/msgencode.c
index 80ae33a38..898ff8412 100644
--- a/util/data/msgencode.c
+++ b/util/data/msgencode.c
@@ -886,6 +886,9 @@ ede_trim_text(struct edns_option** list)
 				curr->opt_len = 2;
 				prev = curr;
 				curr = curr->next;
+			} else {
+				prev = curr;
+				curr = curr->next;
 			}
 		} else {
 			/* continue */