From 17e6a3e2a88e822b730f298ebb9fdb526a04a2e2 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal
Date: Mon, 4 May 2026 22:07:46 +0200
Subject: [PATCH] resolve: limit the number NTAs to something sensible

---
 src/resolve/resolved-link-bus.c | 3 +++
 src/resolve/resolved-link.h | 1 +
 2 files changed, 4 insertions(+)

diff --git a/src/resolve/resolved-link-bus.c b/src/resolve/resolved-link-bus.c
index f30ed5d22ba..ba5b00c239a 100644
--- a/src/resolve/resolved-link-bus.c
+++ b/src/resolve/resolved-link-bus.c
@@ -683,6 +683,9 @@ int bus_link_method_set_dnssec_negative_trust_anchors(sd_bus_message *message, v
 if (r < 0)
 return r;

+ if (strv_length(ntas) > LINK_NEGATIVE_TRUST_ANCHORS_MAX)
+ return sd_bus_error_set(error, SD_BUS_ERROR_LIMITS_EXCEEDED, "Too many negative trust anchors per link");
+
 STRV_FOREACH(i, ntas) {
 r = dns_name_is_valid(*i);
 if (r < 0)
diff --git a/src/resolve/resolved-link.h b/src/resolve/resolved-link.h
index 44a6b511c1b..4c81bdbe666 100644
--- a/src/resolve/resolved-link.h
+++ b/src/resolve/resolved-link.h
@@ -11,6 +11,7 @@

 #define LINK_SEARCH_DOMAINS_MAX 1024
 #define LINK_DNS_SERVERS_MAX 256
+#define LINK_NEGATIVE_TRUST_ANCHORS_MAX 2048

 typedef struct LinkAddress {
 Link *link;
-- 
2.47.3
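Review bot: The cap on `ntas` is enforced only in this D-Bus method, so it bounds a link's negative trust anchors only for callers that come in over the bus; if a link's NTA set can also be filled from other sources (none are visible in this patch, which touches just this function and the header), the same `LINK_NEGATIVE_TRUST_ANCHORS_MAX` comparison is needed there for the limit to hold. The check appears to run after the array has already been read into `ntas` (the read is above the hunk, inferred from the `if (r < 0) return r;` context), so it limits what is stored, not what is parsed from the message. A short comment above the `strv_length()` check would make the intent explicit, e.g. `/* Bound per-link NTA state so a bus client cannot grow it without limit */`. The function body starts and ends outside the hunk.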