- Fix authzone printout buffer length check.

author W.C.A. Wijngaards <wouter@nlnetlabs.nl>

Tue, 19 Nov 2019 09:09:44 +0000 (10:09 +0100)

committer W.C.A. Wijngaards <wouter@nlnetlabs.nl>

Tue, 19 Nov 2019 09:09:44 +0000 (10:09 +0100)
author W.C.A. Wijngaards <wouter@nlnetlabs.nl>
Tue, 19 Nov 2019 09:09:44 +0000 (10:09 +0100)
committer W.C.A. Wijngaards <wouter@nlnetlabs.nl>
Tue, 19 Nov 2019 09:09:44 +0000 (10:09 +0100)
diff --git a/doc/Changelog b/doc/Changelog

index bbdb3419019a014d7b2d2d8f8d57039d6683a573..8debaf4a9ccbfdb6f14b5ac8bc5d9e12bedc12b0 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,6 +1,7 @@
  19 November 2019: Wouter
         - Fix CVE-2019-18934, shell execution in ipsecmod.
         - 1.9.5 is 1.9.4 with bugfix, trunk is 1.9.6 in development.
+       - Fix authzone printout buffer length check.
  
  18 November 2019: Wouter
         - In unbound-host use separate variable for get_option to please
diff --git a/services/authzone.c b/services/authzone.c

index 585f86505a43fb499db970c25df62b49ebe3d31c..9bfea7c3d48a33cb4083f29bff0d5e7fc968e401 100644 (file)
--- a/services/authzone.c
+++ b/services/authzone.c
@@ -1654,7 +1654,7 @@ auth_rr_to_string(uint8_t* nm, size_t nmlen, uint16_t tp, uint16_t cl,
         }
         w += sldns_str_print(&s, &slen, "\n");
  
-       if(w > (int)buflen) {
+       if(w >= (int)buflen) {
                 log_nametypeclass(0, "RR too long to print", nm, tp, cl);
                 return 0;
         }
author	W.C.A. Wijngaards <wouter@nlnetlabs.nl>
	Tue, 19 Nov 2019 09:09:44 +0000 (10:09 +0100)
committer	W.C.A. Wijngaards <wouter@nlnetlabs.nl>
	Tue, 19 Nov 2019 09:09:44 +0000 (10:09 +0100)
doc/Changelog		patch \| blob \| blame \| history
services/authzone.c		patch \| blob \| blame \| history