resolve: enforce the search domain limit earlier

The search domain limit is already enforced by dns_search_domain_new(),
but in this case it's way too late. Let's enforce it during the first
loop to avoid unnecessary parsing.

diff --git a/src/resolve/resolved-link-bus.c b/src/resolve/resolved-link-bus.c
index ed4485671c8ad3321b5d125af663efd96bea0c46..f30ed5d22bac823de35b0e7a71c7fa84929e322a 100644 (file)
--- a/src/resolve/resolved-link-bus.c
+++ b/src/resolve/resolved-link-bus.c
@@ -321,7 +321,7 @@ int bus_link_method_set_domains(sd_bus_message *message, void *userdata, sd_bus_
         if (r < 0)
                 return r;
 
-        for (;;) {
+        for (unsigned n_names = 0;; n_names++) {
                 _cleanup_free_ char *prefixed = NULL;
                 const char *name;
                 int route_only;
@@ -339,6 +339,8 @@ int bus_link_method_set_domains(sd_bus_message *message, void *userdata, sd_bus_
                         return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid search domain %s", name);
                 if (!route_only && dns_name_is_root(name))
                         return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "Root domain is not suitable as search domain");
+                if (n_names >= LINK_SEARCH_DOMAINS_MAX)
+                        return sd_bus_error_set(error, SD_BUS_ERROR_LIMITS_EXCEEDED, "Too many search domains per link");
 
                 if (route_only) {
                         prefixed = strjoin("~", name);