The previous fix 75f72c2eb ("BUG/MEDIUM: resolvers: Fix test on dn label
size in resolv_dn_label_to_str()") can still be fooled by an input exactly
the size of str_len, in which case the trailing zero appended at the end
was not being accounted for. Let's add 1 to the condition to prepare for
it.

This needs to be backported wherever the fix above is backported.
for (i = 0; i < dn_len; ++i) {
sz = (unsigned char)dn[i];
- /* Check str_len adding 1 for the dot if (i!=0) */
- if (str_len < sz+i+(!!i))
+ /* Check str_len adding 1 for the dot if (i!=0) and 1 for null terminator */
+ if (str_len < sz+i+(!!i)+1)
return -1;
if (i)
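Review bot: At the `if (str_len < sz+i+(!!i)+1)` check, only the output side is bounded; `sz` is taken straight from `dn[i]` and nothing in the visible lines verifies that `i + sz` stays below `dn_len`, so a length byte larger than the remaining input is not rejected here. Unless every caller guarantees well-formed labels, consider an input-side test next to this one, for example `if (sz > dn_len - i - 1) return -1;`. Since this is the second correction to the same condition, a regression test with `str_len` exactly equal to the decoded length, and one with a single byte more, would pin the boundary down for the backports.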