From: Tony Finch <dot@dotat.at>
Date: Fri, 28 Feb 2020 20:08:04 +0000 (+0000)
Subject: Fix dns_client_addtrustedkey(dns_rdatatype_dnskey)
X-Git-Tag: v9.17.1~79^2~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=689ef89b67e6ce6f9ed2f6b9e839aa75d92e780a;p=thirdparty%2Fbind9.git

Fix dns_client_addtrustedkey(dns_rdatatype_dnskey)

Use a buffer that is big enough for DNSKEY records as well as DS
records.
---

diff --git a/lib/dns/client.c b/lib/dns/client.c
index 0d8e951fa0d..6a003e8d79e 100644
--- a/lib/dns/client.c
+++ b/lib/dns/client.c
@@ -1519,7 +1519,7 @@ dns_client_addtrustedkey(dns_client_t *client, dns_rdataclass_t rdclass,
 	dns_view_t *view = NULL;
 	dns_keytable_t *secroots = NULL;
 	dns_name_t *name = NULL;
-	char dsbuf[DNS_DS_BUFFERSIZE];
+	char rdatabuf[DST_KEY_MAXSIZE];
 	unsigned char digest[ISC_MAX_MD_SIZE];
 	dns_rdata_ds_t ds;
 	dns_decompress_t dctx;
@@ -1543,7 +1543,7 @@ dns_client_addtrustedkey(dns_client_t *client, dns_rdataclass_t rdclass,
 		goto cleanup;
 	}
 
-	isc_buffer_init(&b, dsbuf, sizeof(dsbuf));
+	isc_buffer_init(&b, rdatabuf, sizeof(rdatabuf));
 	dns_decompress_init(&dctx, -1, DNS_DECOMPRESS_NONE);
 	dns_rdata_init(&rdata);
 	isc_buffer_setactive(databuf, isc_buffer_usedlength(databuf));