BUG/MEDIUM: resolvers: Really ignore trailing dot in domain names

When a string is converted to a domain name label, the trailing dot must be
ignored. In resolv_str_to_dn_label(), there is a test to do so. However, the
trailing dot is not really ignored. The character itself is not copied but
the string index is still moved to the next char. Thus, this trailing dot is
counted in the length of the last encoded part of the domain name. Worst,
because the copy is skipped, a garbage character is included in the domain
name.

This patch should fix the issue #1528. It must be backported as far as 2.0.

diff --git a/src/resolvers.c b/src/resolvers.c
index ec187aa3073bf54f130419e52fc54488a3a144f9..097d0079132d17e1c46c82467cc1a78fd06713fd 100644 (file)
--- a/src/resolvers.c
+++ b/src/resolvers.c
@@ -1738,10 +1738,8 @@ int resolv_str_to_dn_label(const char *str, int str_len, char *dn, int dn_len)
                                return -1;
 
                        /* ignore trailing dot */
-                       if (i + 1 == str_len) {
-                               i++;
+                       if (i + 1 == str_len)
                                break;
-                       }
 
                        dn[offset] = (i - offset);
                        offset = i+1;