]> git.ipfire.org Git - thirdparty/unbound.git/commitdiff
projects / thirdparty / unbound.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7646c96)
- Fix Out-of-Bounds Read in dname_valid(),
authorW.C.A. Wijngaards <wouter@nlnetlabs.nl>
Wed, 20 Nov 2019 10:38:11 +0000 (11:38 +0100)
committerW.C.A. Wijngaards <wouter@nlnetlabs.nl>
Wed, 20 Nov 2019 10:38:11 +0000 (11:38 +0100)
  reported by X41 D-Sec.

doc/Changelog patch | blob | blame | history
util/data/dname.c patch | blob | blame | history

diff --git a/doc/Changelog b/doc/Changelog
index 004cf014a3e8e6dd8e9aa977de880f765d6e80b9..e6562e98c0a9592d41ab7f96da293979d84dac94 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -10,6 +10,8 @@
          reported by X41 D-Sec.
        - Fix Randomness Error not Handled Properly,
          reported by X41 D-Sec.
+       - Fix Out-of-Bounds Read in dname_valid(),
+         reported by X41 D-Sec.
 
 19 November 2019: Wouter
        - Fix CVE-2019-18934, shell execution in ipsecmod.
diff --git a/util/data/dname.c b/util/data/dname.c
index c7360f75f32afbb952a9f86958594da2be6c0640..71e14180d524e4935e54c408afdf6dd5c83618f5 100644 (file)
--- a/util/data/dname.c
+++ b/util/data/dname.c
@@ -75,6 +75,8 @@ dname_valid(uint8_t* dname, size_t maxlen)
 {
        size_t len = 0;
        size_t labellen;
+       if(maxlen == 0)
+               return 0; /* too short, shortest is '0' root label */
        labellen = *dname++;
        while(labellen) {
                if(labellen&0xc0)
Mirror of https://github.com/NLnetLabs/unbound.git