From: W.C.A. Wijngaards <wouter@nlnetlabs.nl>
Date: Wed, 20 Nov 2019 10:38:11 +0000 (+0100)
Subject: - Fix Out-of-Bounds Read in dname_valid(),
X-Git-Tag: release-1.9.6rc1~50
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=72d348de6a2d8ee0b4cc4a5ad5bebd731d9b32df;p=thirdparty%2Funbound.git

- Fix Out-of-Bounds Read in dname_valid(),
  reported by X41 D-Sec.
---

diff --git a/doc/Changelog b/doc/Changelog
index 004cf014a..e6562e98c 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -10,6 +10,8 @@
 	  reported by X41 D-Sec.
 	- Fix Randomness Error not Handled Properly,
 	  reported by X41 D-Sec.
+	- Fix Out-of-Bounds Read in dname_valid(),
+	  reported by X41 D-Sec.
 
 19 November 2019: Wouter
 	- Fix CVE-2019-18934, shell execution in ipsecmod.
diff --git a/util/data/dname.c b/util/data/dname.c
index c7360f75f..71e14180d 100644
--- a/util/data/dname.c
+++ b/util/data/dname.c
@@ -75,6 +75,8 @@ dname_valid(uint8_t* dname, size_t maxlen)
 {
 	size_t len = 0;
 	size_t labellen;
+	if(maxlen == 0)
+		return 0; /* too short, shortest is '0' root label */
 	labellen = *dname++;
 	while(labellen) {
 		if(labellen&0xc0)