- Robust checks on dname validity from rdata for dname compare.
authorWouter Wijngaards <wouter@nlnetlabs.nl>
Thu, 25 Apr 2013 10:28:25 +0000 (10:28 +0000)
committerWouter Wijngaards <wouter@nlnetlabs.nl>
Thu, 25 Apr 2013 10:28:25 +0000 (10:28 +0000)
git-svn-id: file:///svn/unbound/trunk@2892 be551aaa-1e26-0410-a405-d3ace91eadb9

doc/Changelog
validator/val_sigcrypt.c
validator/val_utils.c

index ed12bf5667995a431bf0e7e33360f127aff7c97b..f42e9338d0d62f3bc495c1683b46c9c4ad616bbe 100644 (file)
@@ -1,3 +1,6 @@
+25 April 2013: Wouter
+       - Robust checks on dname validity from rdata for dname compare.
+
 19 April 2013: Wouter
        - Fixup snprintf return value usage, fixed libunbound_get_option.
 
index 79d5e45a237918caa01c74f2f18c8238314a084e..4642ea6da22e896f710d3f9b8f99f0eef977a8ba 100644 (file)
@@ -808,7 +808,12 @@ canonical_compare(struct ub_packed_rrset_key* rrset, size_t i, size_t j)
                case LDNS_RR_TYPE_MR:
                case LDNS_RR_TYPE_PTR:
                case LDNS_RR_TYPE_DNAME:
-                       return query_dname_compare(d->rr_data[i]+2, 
+                       /* the wireread function has already checked these
+                        * dname's for correctness, and this double checks */
+                       if(!dname_valid(d->rr_data[i]+2, d->rr_len[i]-2) ||
+                               !dname_valid(d->rr_data[j]+2, d->rr_len[j]-2))
+                               return 0;
+                       return query_dname_compare(d->rr_data[i]+2,
                                d->rr_data[j]+2);
 
                /* These RR types have STR and fixed size rdata fields
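Review bot: The new `dname_valid` calls take their length bound from `d->rr_len[i]-2` and `d->rr_len[j]-2`, and no check that either length is at least 2 is visible in this hunk. If `rr_len` is an unsigned size, as the arithmetic suggests, a shorter entry would wrap the bound to a very large value and the validation would no longer limit the read. Unless an earlier guard in canonical_compare (its body starts outside the hunk) already guarantees this, the condition could begin with `d->rr_len[i] < 2 || d->rr_len[j] < 2 ||`. The `return 0` presumably reports malformed rdata as equal to the other RR, and the comment should say so, e.g. `/* malformed dname: report equal instead of comparing unchecked rdata */`.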
index d4a64464d80873b6f535bd62bc1b9b8d50007708..768f2368a8f538ec29d07dd11f70f825c5feab8b 100644 (file)
@@ -773,6 +773,8 @@ rrset_has_signer(struct ub_packed_rrset_key* rrset, uint8_t* name, size_t len)
        for(i = d->count; i< d->count+d->rrsig_count; i++) {
                if(d->rr_len[i] > 2+18+len) {
                        /* at least rdatalen + signature + signame (+1 sig)*/
+                       if(!dname_valid(d->rr_data[i]+2+18, d->rr_len[i]-2-18))
+                               continue;
                        if(query_dname_compare(name, d->rr_data[i]+2+18) == 0)
                        {
                                return 1;
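Review bot: The added `continue` silently skips an RRSIG whose signer name fails `dname_valid`, and nothing at that line says why or what the repeated `2+18` offset stands for. The subtraction `d->rr_len[i]-2-18` cannot wrap only because of the enclosing `d->rr_len[i] > 2+18+len` test, which is worth stating next to it. A comment such as `/* skip RRSIG if the signer name (after the 2-byte rdatalen and 18 fixed RRSIG bytes) is not a valid dname within the rdata */` would cover both. The loop and the rest of rrset_has_signer continue outside the hunk.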