]> git.ipfire.org Git - thirdparty/unbound.git/commitdiff
projects / thirdparty / unbound.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9df07b4)
- Fix RPZ's get_tld_label maxdnamelen check
authorRalph Dolmans <ralph@nlnetlabs.nl>
Wed, 29 Jan 2020 09:57:29 +0000 (10:57 +0100)
committerRalph Dolmans <ralph@nlnetlabs.nl>
Wed, 29 Jan 2020 09:57:29 +0000 (10:57 +0100)
services/rpz.c patch | blob | blame | history

diff --git a/services/rpz.c b/services/rpz.c
index 72397998fc499e08ff6ba2ec1135664813bb161d..37ea2aa5395030855363c009fb89108ccdaf22e6 100644 (file)
--- a/services/rpz.c
+++ b/services/rpz.c
@@ -118,13 +118,17 @@ get_tld_label(uint8_t* dname, size_t maxdnamelen)
        uint8_t* prevlab = dname;
        size_t dnamelen = 0;
 
+       /* one byte needed for label length */
+       if(dnamelen+1 > maxdnamelen)
+               return NULL;
+
        /* only root label */
        if(*dname == 0)
                return NULL;
 
        while(*dname) {
                dnamelen += ((size_t)*dname)+1;
-               if(dnamelen > maxdnamelen)
+               if(dnamelen+1 > maxdnamelen)
                        return NULL;
                dname = dname+((size_t)*dname)+1;
                if(*dname != 0)
Mirror of https://github.com/NLnetLabs/unbound.git