git.ipfire.org Git - thirdparty/bind9.git/commit

]> git.ipfire.org Git - thirdparty/bind9.git/commit

projects / thirdparty / bind9.git / commit

author	Ondřej Surý <ondrej@isc.org>
	Sat, 14 Feb 2026 13:43:41 +0000 (14:43 +0100)
committer	Ondřej Surý <ondrej@isc.org>
	Tue, 24 Feb 2026 15:31:10 +0000 (16:31 +0100)
commit	368c75a9f567f8b36cf24fefe45023e0a050e47b
tree	304563de4571375466060e130b74c2712cae5234	tree \| snapshot
parent	aceaebe530e90dae39255a297bbfc4edc644b977	commit \| diff

Invalid NSEC3 can cause OOB read of the isdelegation() stack

When .next_length is longer than NSEC3_MAX_HASH_LENGTH, it causes a
harmless out-of-bound read of the isdelegation() stack. This patch
fixes the issue by skipping NSEC3 records with an oversized hash length
during validation.

(cherry picked from commit 67b4fb56e40bf856e1fccd41e752d5f486b5b569)

lib/dns/rdata/generic/nsec3_50.c		diff \| blob \| blame \| history
lib/dns/validator.c		diff \| blob \| blame \| history

Mirror of https://gitlab.isc.org/isc-projects/bind9.git

RSS Atom