From: Ondřej Surý <ondrej@isc.org>
Date: Tue, 24 Feb 2026 15:00:35 +0000 (+0100)
Subject: chg: dev: Invalid NSEC3 can cause OOB read of the isdelegation() stack
X-Git-Tag: v9.21.19~9
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d8be931c491d0c5abd82f694df1c125aaf06e262;p=thirdparty%2Fbind9.git

chg: dev: Invalid NSEC3 can cause OOB read of the isdelegation() stack

When .next_length is longer than NSEC3_MAX_HASH_LENGTH, it causes a
harmless out-of-bound read of the isdelegation() stack.  This has been
fixed.

Closes #5749

Merge branch '5749-fix-OOB-read-in-isdelegation' into 'main'

See merge request isc-projects/bind9!11553
---

d8be931c491d0c5abd82f694df1c125aaf06e262