NSEC3: reject records with a zero length hash field

author Mark Andrews <marka@isc.org>

Thu, 13 Aug 2020 02:46:55 +0000 (12:46 +1000)

committer Mark Andrews <marka@isc.org>

Thu, 13 Aug 2020 13:06:55 +0000 (23:06 +1000)
author Mark Andrews <marka@isc.org>
Thu, 13 Aug 2020 02:46:55 +0000 (12:46 +1000)
committer Mark Andrews <marka@isc.org>
Thu, 13 Aug 2020 13:06:55 +0000 (23:06 +1000)
diff --git a/lib/dns/rdata/generic/nsec3_50.c b/lib/dns/rdata/generic/nsec3_50.c

index 95d04213ba39c1b19e2191f2e2d5d2805fd521a6..f9f356a576413c13f06f626e212a4665b85fd3f3 100644 (file)
--- a/lib/dns/rdata/generic/nsec3_50.c
+++ b/lib/dns/rdata/generic/nsec3_50.c
@@ -212,7 +212,7 @@ fromwire_nsec3(ARGS_FROMWIRE) {
         hashlen = sr.base[0];
         isc_region_consume(&sr, 1);
  
-       if (sr.length < hashlen) {
+       if (hashlen < 1 || sr.length < hashlen) {
                 RETERR(DNS_R_FORMERR);
         }
         isc_region_consume(&sr, hashlen);
author	Mark Andrews <marka@isc.org>
	Thu, 13 Aug 2020 02:46:55 +0000 (12:46 +1000)
committer	Mark Andrews <marka@isc.org>
	Thu, 13 Aug 2020 13:06:55 +0000 (23:06 +1000)