From: W.C.A. Wijngaards <wouter@nlnetlabs.nl>
Date: Wed, 8 Jan 2020 10:55:42 +0000 (+0100)
Subject: - Updated sldns_bget_token_par fix for also space for the zero
X-Git-Tag: release-1.10.0rc1~59
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5ae1544583f98054d22753434ac7da986e5347e5;p=thirdparty%2Funbound.git

- Updated sldns_bget_token_par fix for also space for the zero
  delimiter after the character.
---

diff --git a/doc/Changelog b/doc/Changelog
index 4f80bbe95..f1d8762ee 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -2,6 +2,8 @@
 	- Fix 'make test' to work for --disable-sha1 configure option.
 	- Fix out-of-bounds null-byte write in sldns_bget_token_par while
 	  parsing type WKS, reported by Luis Merino from X41 D-Sec.
+	- Updated sldns_bget_token_par fix for also space for the zero
+	  delimiter after the character.
 
 6 January 2020: George
 	- Downgrade compat/getentropy_solaris.c to version 1.4 from OpenBSD.
diff --git a/sldns/parse.c b/sldns/parse.c
index 2f9a15e01..832e643c6 100644
--- a/sldns/parse.c
+++ b/sldns/parse.c
@@ -120,7 +120,7 @@ sldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *l
 			if (line_nr) {
 				*line_nr = *line_nr + 1;
 			}
-			if (limit > 0 && (i > limit || (size_t)(t-token) > limit)) {
+			if (limit > 0 && (i+1 > limit || (size_t)(t-token)+1 > limit)) {
 				*t = '\0';
 				return -1;
 			}
@@ -141,7 +141,8 @@ sldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *l
 		if (c != '\0' && c != '\n') {
 			i++;
 		}
-		if (limit > 0 && (i > limit || (size_t)(t-token) > limit)) {
+		/* is there space for the character and the zero after it */
+		if (limit > 0 && (i+1 > limit || (size_t)(t-token)+1 > limit)) {
 			*t = '\0';
 			return -1;
 		}
@@ -326,8 +327,8 @@ sldns_bget_token_par(sldns_buffer *b, char *token, const char *delim,
 			/* in parentheses */
 			/* do not write ' ' if we want to skip spaces */
 			if(!(skipw && (strchr(skipw, c)||strchr(skipw, ' ')))) {
-				/* check for space for the space character */
-				if (limit > 0 && (i > limit || (size_t)(t-token) > limit)) {
+				/* check for space for the space character and a zero delimiter after that. */
+				if (limit > 0 && (i+1 > limit || (size_t)(t-token)+1 > limit)) {
 					*t = '\0';
 					return -1;
 				}
@@ -354,7 +355,7 @@ sldns_bget_token_par(sldns_buffer *b, char *token, const char *delim,
 		}
 
 		i++;
-		if (limit > 0 && (i > limit || (size_t)(t-token) > limit)) {
+		if (limit > 0 && (i+1 > limit || (size_t)(t-token)+1 > limit)) {
 			*t = '\0';
 			return -1;
 		}