IPSECKEY: require non-zero length public keys

(cherry picked from commit d7f701480341f33cfbad3bfff9ee3876859e0ce2)

diff --git a/lib/dns/rdata/generic/ipseckey_45.c b/lib/dns/rdata/generic/ipseckey_45.c
index d85f79576f19d8805dacd8fc5a6183fc3700155d..d986cc956eee25d2e9ec02dadbd68ea83eb5c9ff 100644 (file)
--- a/lib/dns/rdata/generic/ipseckey_45.c
+++ b/lib/dns/rdata/generic/ipseckey_45.c
@@ -217,18 +217,23 @@ fromwire_ipseckey(ARGS_FROMWIRE) {
 
        switch (region.base[1]) {
        case 0:
+               if (region.length < 4) {
+                       return (ISC_R_UNEXPECTEDEND);
+               }
                isc_buffer_forward(source, region.length);
                return (mem_tobuffer(target, region.base, region.length));
 
        case 1:
-               if (region.length < 7)
+               if (region.length < 8) {
                        return (ISC_R_UNEXPECTEDEND);
+               }
                isc_buffer_forward(source, region.length);
                return (mem_tobuffer(target, region.base, region.length));
 
        case 2:
-               if (region.length < 19)
+               if (region.length < 20) {
                        return (ISC_R_UNEXPECTEDEND);
+               }
                isc_buffer_forward(source, region.length);
                return (mem_tobuffer(target, region.base, region.length));
 
@@ -238,7 +243,10 @@ fromwire_ipseckey(ARGS_FROMWIRE) {
                RETERR(dns_name_fromwire(&name, source, dctx, options, target));
                isc_buffer_activeregion(source, &region);
                isc_buffer_forward(source, region.length);
-               return(mem_tobuffer(target, region.base, region.length));
+               if (region.length < 1) {
+                       return (ISC_R_UNEXPECTEDEND);
+               }
+               return (mem_tobuffer(target, region.base, region.length));
 
        default:
                return (ISC_R_NOTIMPLEMENTED);