]> git.ipfire.org Git - thirdparty/haproxy.git/commit
projects / thirdparty / haproxy.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 58df5ae) | patch
BUG: dns: Prevent out-of-bounds read in dns_read_name()
authorRemi Gacogne <remi.gacogne@powerdns.com>
Wed, 5 Dec 2018 16:55:10 +0000 (17:55 +0100)
committerWilly Tarreau <w@1wt.eu>
Wed, 12 Dec 2018 13:44:13 +0000 (14:44 +0100)
commit2d19fbcab21356f5aee1f2a52591a38665360bb6
treeb5bb53b852ce75d4f76b15eb74e95bc857b0c10etree | snapshot
parent58df5aea0a0c926b2238f65908f5e9f83d1cca25commit | diff
BUG: dns: Prevent out-of-bounds read in dns_read_name()

Some callers of dns_read_name() do not make sure that we can read
the first byte, holding the length of the next label, without going
past our buffer, so we need to make sure of that.
In addition, if the label is a compressed one we need to make sure
that we can read the following byte to compute the target offset.

To be backported to 1.8, probably also 1.7.
src/dns.c diff | blob | blame | history
Mirror of https://github.com/haproxy/haproxy.git