From: Mark Andrews <marka@isc.org>
Date: Thu, 13 Aug 2020 02:46:55 +0000 (+1000)
Subject: NSEC3: reject records with a zero length hash field
X-Git-Tag: v9.17.5~50^2~8
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=031ee9e2791bfe02a289b41bf5f35b3ee0534a27;p=thirdparty%2Fbind9.git

NSEC3: reject records with a zero length hash field
---

diff --git a/lib/dns/rdata/generic/nsec3_50.c b/lib/dns/rdata/generic/nsec3_50.c
index 95d04213ba3..f9f356a5764 100644
--- a/lib/dns/rdata/generic/nsec3_50.c
+++ b/lib/dns/rdata/generic/nsec3_50.c
@@ -212,7 +212,7 @@ fromwire_nsec3(ARGS_FROMWIRE) {
 	hashlen = sr.base[0];
 	isc_region_consume(&sr, 1);
 
-	if (sr.length < hashlen) {
+	if (hashlen < 1 || sr.length < hashlen) {
 		RETERR(DNS_R_FORMERR);
 	}
 	isc_region_consume(&sr, hashlen);