From: Peter van Dijk <peter.van.dijk@netherlabs.nl>
Date: Fri, 1 May 2015 07:05:23 +0000 (+0200)
Subject: import CVE-2015-1868 patch
X-Git-Tag: auth-3.3.2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9df4944d8d5d24ae722006509229314902090798;p=thirdparty%2Fpdns.git

import CVE-2015-1868 patch
---

diff --git a/pdns/dnsparser.cc b/pdns/dnsparser.cc
index 5a65f0b616..5415290eb2 100644
--- a/pdns/dnsparser.cc
+++ b/pdns/dnsparser.cc
@@ -433,9 +433,10 @@ string PacketReader::getText(bool multi)
 
 void PacketReader::getLabelFromContent(const vector<uint8_t>& content, uint16_t& frompos, string& ret, int recurs) 
 {
-  if(recurs > 1000) // the forward reference-check below should make this test 100% obsolete
+  if(recurs > 100) // the forward reference-check below should make this test 100% obsolete
     throw MOADNSException("Loop");
 
+  int pos = frompos;
   for(;;) {
     unsigned char labellen=content.at(frompos++);
 
@@ -448,7 +449,7 @@ void PacketReader::getLabelFromContent(const vector<uint8_t>& content, uint16_t&
       uint16_t offset=256*(labellen & ~0xc0) + (unsigned int)content.at(frompos++) - sizeof(dnsheader);
       //        cout<<"This is an offset, need to go to: "<<offset<<endl;
 
-      if(offset >= frompos-2)
+      if(offset >= pos)
         throw MOADNSException("forward reference during label decompression");
       return getLabelFromContent(content, offset, ret, ++recurs);
     }