git.ipfire.org Git - thirdparty/bind9.git/commit

]> git.ipfire.org Git - thirdparty/bind9.git/commit

projects / thirdparty / bind9.git / commit

author	Ondřej Surý <ondrej@isc.org>
	Sat, 14 Feb 2026 13:43:41 +0000 (14:43 +0100)
committer	Ondřej Surý <ondrej@isc.org>
	Tue, 24 Feb 2026 16:10:52 +0000 (17:10 +0100)
commit	e0d05145e1e36ff4fdf7615f762f58f8000f44e7
tree	574d999bb73db6e1c88ad0295c83091057f0aa1c	tree \| snapshot
parent	8931f82dc8bdf1d5e421c53f5ce10bb91e54f62f	commit \| diff

Invalid NSEC3 can cause OOB read of the isdelegation() stack

When .next_length is longer than NSEC3_MAX_HASH_LENGTH, it causes a
harmless out-of-bound read of the isdelegation() stack. This patch
fixes the issue by skipping NSEC3 records with an oversized hash length
during validation.

(cherry picked from commit 67b4fb56e40bf856e1fccd41e752d5f486b5b569)

lib/dns/rdata/generic/nsec3_50.c		diff \| blob \| blame \| history
lib/dns/validator.c		diff \| blob \| blame \| history

Mirror of https://gitlab.isc.org/isc-projects/bind9.git

RSS Atom