Check that buffer length in dns_message_renderbegin

The maximum DNS message size is 65535 octets. Check that the buffer
being passed to dns_message_renderbegin does not exceed this as the
compression code assumes that all offsets are no bigger than this.

diff --git a/lib/dns/include/dns/message.h b/lib/dns/include/dns/message.h
index a4b4b3ffbee7c56dec34d611155d7e573ae20cf7..dc0c05846f6d3609ca3f72beb4caccc55c9aa6de 100644 (file)
--- a/lib/dns/include/dns/message.h
+++ b/lib/dns/include/dns/message.h
@@ -600,7 +600,7 @@ dns_message_renderbegin(dns_message_t *msg, dns_compress_t *cctx,
  *
  *\li  'cctx' be valid.
  *
- *\li  'buffer' is a valid buffer.
+ *\li  'buffer' is a valid buffer with length less than 65536.
  *
  * Side Effects:
  *

diff --git a/lib/dns/message.c b/lib/dns/message.c
index 2f352dc7e7775fca553e198429c2d63328763599..c85e579b02ff8bd2fa15309b23aa9462cca83bbc 100644 (file)
--- a/lib/dns/message.c
+++ b/lib/dns/message.c
@@ -1735,6 +1735,7 @@ dns_message_renderbegin(dns_message_t *msg, dns_compress_t *cctx,
 
        REQUIRE(DNS_MESSAGE_VALID(msg));
        REQUIRE(buffer != NULL);
+       REQUIRE(isc_buffer_length(buffer) < 65536);
        REQUIRE(msg->buffer == NULL);
        REQUIRE(msg->from_to_wire == DNS_MESSAGE_INTENTRENDER);