From: W.C.A. Wijngaards
Date: Fri, 15 May 2026 14:22:59 +0000 (+0200)
Subject: - Fix DNSKEY size calculation for noncanonical RSA DNSKEYs
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=4bad944ae4f88f8b652b49c359c728c48d4ee9e6;p=thirdparty%2Funbound.git
- Fix DNSKEY size calculation for noncanonical RSA DNSKEYs with leading zeroes for n. Thanks to Xin Wang and Jiajia Liu, Northwestern Polytechnical University, for the report.
---
diff --git a/doc/Changelog b/doc/Changelog
index 862e4ce7f..42a2192ac 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -18,6 +18,9 @@ DNSKEYs with leading zeroes for n. Thanks to Xin Wang and Jiajia Liu, Northwestern Polytechnical University, for the report.
+ - Fix DNSKEY size calculation for noncanonical RSA DNSKEYs
+ with leading zeroes for n. Thanks to Xin Wang and Jiajia Liu,
+ Northwestern Polytechnical University, for the report.
 11 May 2026: Yorgos - Fix comment and verbose logging for EDNS fallback buffer size.
diff --git a/sldns/keyraw.c b/sldns/keyraw.c
index 42a9262a3..ab5c45914 100644
--- a/sldns/keyraw.c
+++ b/sldns/keyraw.c
@@ -67,19 +67,28 @@ sldns_rr_dnskey_key_size_raw(const unsigned char* keydata,
 case LDNS_RSASHA512:
 #endif
 if (len > 0) {
+ size_t nlen, offset;
 if (keydata[0] == 0) {
 /* big exponent */
 if (len > 3) {
 memmove(&int16, keydata + 1, 2);
 exp = ntohs(int16);
- return (len - exp - 3)*8;
+ offset = 3;
 } else {
 return 0;
 }
 } else {
 exp = keydata[0];
- return (len-exp-1)*8;
+ offset = 1;
 }
+ if(exp+offset > len)
+ return 0;
+ nlen = len - exp - offset;
+ /* prefixed zeroes mean a smaller value */
+ while(nlen > 0 &&
+ keydata[len-nlen] == 0)
+ nlen--;
+ return nlen*8;
 } else {
 return 0;
 }
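Review bot: The new `if(exp+offset > len) return 0;` guard is what keeps the `size_t` subtraction `len - exp - offset` from wrapping when the exponent length field is larger than the key data, yet neither the code nor the commit message says so; a comment such as `/* exponent length exceeds the key data: malformed, and the subtraction below would wrap */` would keep it from being dropped in a later cleanup. The stripping loop works on whole octets only, so leading zero bits inside the first nonzero octet of n are still counted and the result can overstate the modulus by up to 7 bits; if callers compare this size against a minimum, the `prefixed zeroes` comment should say that the value is rounded up to a multiple of 8. No test accompanies the change in this diff; one case with a zero-padded modulus and one with an oversized exponent length would pin both behaviours. The enclosing function starts and ends outside the hunk, so the declaration of `exp` and the return type are not visible here.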