From: Willem Toorop Date: Fri, 26 Aug 2011 14:53:40 +0000 (+0000) Subject: Minimum number of rdata fields should be checked parsing from wireformat too! X-Git-Tag: release-1.6.11rc1~33 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e70d89cab7eae5f4d89a66c69d71d73c8cd9ea2a;p=thirdparty%2Fldns.git Minimum number of rdata fields should be checked parsing from wireformat too! See bug #391. --- diff --git a/error.c b/error.c index ff240dcc..27277b8f 100644 --- a/error.c +++ b/error.c @@ -88,6 +88,7 @@ ldns_lookup_table ldns_error_str[] = { { LDNS_STATUS_DNSSEC_NSEC_RR_NOT_COVERED, "RR not covered by the given NSEC RRs" }, { LDNS_STATUS_DNSSEC_NSEC_WILDCARD_NOT_COVERED, "wildcard not covered by the given NSEC RRs" }, { LDNS_STATUS_DNSSEC_NSEC3_ORIGINAL_NOT_FOUND, "original of NSEC3 hashed name could not be found" }, + { LDNS_STATUS_WIRE_MISSING_RDATA_FIELDS, "More rdata fields were expected while parsing the wireformat data" }, { 0, NULL } }; diff --git a/ldns/error.h b/ldns/error.h index e17846f3..4b2b62d7 100644 --- a/ldns/error.h +++ b/ldns/error.h @@ -98,7 +98,8 @@ enum ldns_enum_status { LDNS_STATUS_DNSSEC_EXISTENCE_DENIED, LDNS_STATUS_DNSSEC_NSEC_RR_NOT_COVERED, LDNS_STATUS_DNSSEC_NSEC_WILDCARD_NOT_COVERED, - LDNS_STATUS_DNSSEC_NSEC3_ORIGINAL_NOT_FOUND + LDNS_STATUS_DNSSEC_NSEC3_ORIGINAL_NOT_FOUND, + LDNS_STATUS_WIRE_MISSING_RDATA_FIELDS }; typedef enum ldns_enum_status ldns_status; diff --git a/wire2host.c b/wire2host.c index e87fcdf5..5eb2acbd 100644 --- a/wire2host.c +++ b/wire2host.c @@ -271,6 +271,9 @@ ldns_wire2rdf(ldns_rr *rr, const uint8_t *wire, size_t max, size_t *pos) cur_rdf = NULL; } } + if (rdf_index < ldns_rr_descriptor_minimum(descriptor)) { + return LDNS_STATUS_WIRE_MISSING_RDATA_FIELDS; + } return LDNS_STATUS_OK; } @@ -316,10 +319,10 @@ ldns_wire2rr(ldns_rr **rr_p, const uint8_t *wire, size_t max, status = ldns_wire2rdf(rr, wire, max, pos); LDNS_STATUS_CHECK_GOTO(status, status_error); - ldns_rr_set_question(rr, false); + ldns_rr_set_question(rr, false); } else { - ldns_rr_set_question(rr, true); - } + ldns_rr_set_question(rr, true); + } *rr_p = rr; return LDNS_STATUS_OK;