From 46fc714aa0558bfb96c195983a48703659db1f5d Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Mon, 6 Jul 2015 23:03:51 +1000 Subject: [PATCH] dig +ednsopt= could trigger a assertion failure [RT #39990] --- lib/dns/message.c | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/lib/dns/message.c b/lib/dns/message.c index 9575cd5bd2..ee15e9d4e5 100644 --- a/lib/dns/message.c +++ b/lib/dns/message.c @@ -3229,14 +3229,17 @@ render_ecs(isc_buffer_t *optbuf, isc_buffer_t *target) { isc_uint16_t family; isc_uint8_t addrlen, addrbytes, scopelen; - INSIST(isc_buffer_remaininglength(optbuf) >= 4); + if (isc_buffer_remaininglength(optbuf) < 4) + return (DNS_R_OPTERR); family = isc_buffer_getuint16(optbuf); addrlen = isc_buffer_getuint8(optbuf); scopelen = isc_buffer_getuint8(optbuf); addrbytes = (addrlen + 7) / 8; - INSIST(isc_buffer_remaininglength(optbuf) >= addrbytes); + if (isc_buffer_remaininglength(optbuf) < addrbytes) + return (DNS_R_OPTERR); + ADD_STRING(target, ": "); memset(addr, 0, sizeof(addr)); for (i = 0; i < addrbytes; i ++) addr[i] = isc_buffer_getuint8(optbuf); @@ -3326,10 +3329,12 @@ dns_message_pseudosectiontotext(dns_message_t *msg, } else if (optcode == DNS_OPT_COOKIE) { ADD_STRING(target, "; COOKIE"); } else if (optcode == DNS_OPT_CLIENT_SUBNET) { - ADD_STRING(target, "; CLIENT-SUBNET: "); - render_ecs(&optbuf, target); - ADD_STRING(target, "\n"); - continue; + ADD_STRING(target, "; CLIENT-SUBNET"); + result = render_ecs(&optbuf, target); + if (result == ISC_R_SUCCESS) { + ADD_STRING(target, "\n"); + continue; + } } else if (optcode == DNS_OPT_EXPIRE) { if (optlen == 4) { isc_uint32_t secs; @@ -3380,6 +3385,11 @@ dns_message_pseudosectiontotext(dns_message_t *msg, continue; } + if (optcode == DNS_OPT_CLIENT_SUBNET) { + ADD_STRING(target, "\n"); + continue; + } + /* * For non-COOKIE options, add a printable * version