From: Mark Andrews Date: Tue, 26 Feb 2019 23:32:18 +0000 (+1100) Subject: enforce DS hash exists X-Git-Tag: v9.15.0~52^2~2 X-Git-Url: http://git.ipfire.org/gitweb/index.cgi?a=commitdiff_plain;h=b274f3fad77d7325650ee3d1e4fd7f94b92edebe;p=thirdparty%2Fbind9.git enforce DS hash exists --- diff --git a/lib/dns/rdata/generic/ds_43.c b/lib/dns/rdata/generic/ds_43.c index c36ea3a3b2f..8312351b268 100644 --- a/lib/dns/rdata/generic/ds_43.c +++ b/lib/dns/rdata/generic/ds_43.c @@ -166,7 +166,7 @@ generic_fromwire_ds(ARGS_FROMWIRE) { /* * Check digest lengths if we know them. */ - if (sr.length < 4 || + if (sr.length < 5 || (sr.base[3] == DNS_DSDIGEST_SHA1 && sr.length < 4 + ISC_SHA1_DIGESTLENGTH) || (sr.base[3] == DNS_DSDIGEST_SHA256 &&