Use the correct maximal compressed bit map buffer size
authorMark Andrews <marka@isc.org>
Thu, 26 Mar 2026 02:10:45 +0000 (13:10 +1100)
committerMark Andrews (GitLab job 7176352) <marka@isc.org>
Fri, 10 Apr 2026 06:23:59 +0000 (06:23 +0000)
There are up to 256 windows in a NSEC/NSEC3 compressed bit
map of 32 + 2 octets each.

(cherry picked from commit e43e4bd20a99860e79294afbcc9b75f01ff28c26)

lib/dns/include/dns/nsec.h
lib/dns/zoneverify.c

index e68ea35ebfb3ca4ad1971b4d9ebeac53de013221..50df8e45f18701c5259ee0e17b898d6d8da32dc1 100644 (file)
 #include <dns/name.h>
 #include <dns/types.h>
 
-#define DNS_NSEC_BUFFERSIZE (DNS_NAME_MAXWIRE + 8192 + 512)
+/*
+ * max compressed bitmap size:
+ * 256 windows * (window number + window length + bitmap (max 256 bits))
+ */
+#define DNS_NSEC_MAXCBMSIZE (256 * ((256 / 8) + 2))
+#define DNS_NSEC_BUFFERSIZE (DNS_NAME_MAXWIRE + DNS_NSEC_MAXCBMSIZE)
 
 ISC_LANG_BEGINDECLS
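Review bot: The new comment above DNS_NSEC_MAXCBMSIZE gives neither the unit nor the per-window breakdown, and DNS_NSEC_BUFFERSIZE has no comment at all. `256 * ((256 / 8) + 2)` is 8704 octets, the same as the old `8192 + 512`, so DNS_NSEC_BUFFERSIZE keeps its value and the only size this commit actually changes is the stack buffer in lib/dns/zoneverify.c; stating that would help anyone auditing for other undersized buffers. I would word the comment as `/* Max compressed type bit map, in octets: 256 windows * (1 window number + 1 window length + 32 bitmap octets) = 8704. */` and add `/* Maximal wire-format name + maximal compressed type bit map. */` above DNS_NSEC_BUFFERSIZE. Any other buffer that receives a compressed bit map and is sized with a literal should use the macro as well; none is visible in this section.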
 
index 546f0d955c19c50caeb8bf6ea7c8d4abe37cdc00..bad2e29b175504e4d56f007689a0b18cf1ccf0a9 100644 (file)
@@ -459,7 +459,7 @@ match_nsec3(const vctx_t *vctx, const dns_name_t *name,
            const unsigned char types[8192], unsigned int maxtype,
            const unsigned char *rawhash, size_t rhsize,
            isc_result_t *vresult) {
-       unsigned char cbm[8244];
+       unsigned char cbm[DNS_NSEC_MAXCBMSIZE];
        char namebuf[DNS_NAME_FORMATSIZE];
        dns_rdata_nsec3_t nsec3;
        isc_result_t result;
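Review bot: The write that fills `cbm` is outside the hunk, so nothing visible here ties the amount written to the new array size; the old `cbm[8244]` was 460 octets short of the 8704-octet maximum, a mismatch that a check at the fill site would have caught. If the routine producing the bit map returns its length, a fail-stop check right after it, for example `INSIST(len <= sizeof(cbm));` (with `len` standing for whichever variable holds that length), would document the invariant, though passing the destination size into the producer would be the stronger fix. The `8192` in the `types[8192]` parameter is still a bare literal, and a named constant next to DNS_NSEC_MAXCBMSIZE would keep the two sizes visibly related. The body of match_nsec3 continues past the end of the hunk.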