Reject zero length ALPN elements in fromwire

diff --git a/lib/dns/rdata/in_1/svcb_64.c b/lib/dns/rdata/in_1/svcb_64.c
index 8fbb99c7b7bb9484b8c9cc7289c17242ed8417ee..e1cf27c1b76f38df8501c1c1df6a0b6dfd6dfa4f 100644 (file)
--- a/lib/dns/rdata/in_1/svcb_64.c
+++ b/lib/dns/rdata/in_1/svcb_64.c
@@ -121,7 +121,7 @@ svcb_validate(uint16_t key, isc_region_t *region) {
                                }
                                while (region->length != 0) {
                                        size_t l = *region->base + 1;
-                                       if (l > region->length) {
+                                       if (l == 1U || l > region->length) {
                                                return (DNS_R_FORMERR);
                                        }
                                        isc_region_consume(region, l);

diff --git a/lib/dns/tests/rdata_test.c b/lib/dns/tests/rdata_test.c
index 595fcf9dac6ee3bb6a93618048add8a9b494792e..d64ffce789fd33fe196316b7fe5e927f1d0c948b 100644 (file)
--- a/lib/dns/tests/rdata_test.c
+++ b/lib/dns/tests/rdata_test.c
@@ -2723,6 +2723,11 @@ https_svcb(void **state) {
                 * no-default-alpn (0x00 0x02) without alpn, alpn is required.
                 */
                WIRE_INVALID(0x00, 0x00, 0x01, 0x00, 0x00, 0x02, 0x00, 0x00),
+               /*
+                * Alpn(0x00 0x01) with zero length elements is invalid
+                */
+               WIRE_INVALID(0x00, 0x00, 0x01, 0x00, 0x00, 0x01, 0x00, 0x05,
+                            0x00, 0x00, 0x00, 0x00, 0x00),
                WIRE_SENTINEL()
        };
        /* Test vectors from RFCXXXX */