fix: dev: Harden dig's EDNS option parsing against malformed replies

dig's parser for EDNS options in a DNS reply now stops cleanly when an
option declares a length that runs past the end of the option data,
rather than trusting the upstream OPT-record validator to reject the
reply first. This is a defensive change; behavior is unchanged in
practice.

Merge branch 'ondrej/dig-process-opt-edns-optlen-oob' into 'main'

See merge request isc-projects/bind9!11937
Ondřej Surý 2026-05-01 07:19:57 +02:00
commit 7b87ab0236

@ -3805,6 +3805,9 @@ process_opt(dig_lookup_t *l, dns_message_t *msg) {
while (isc_buffer_remaininglength(&optbuf) >= 4) {
optcode = isc_buffer_getuint16(&optbuf);
optlen = isc_buffer_getuint16(&optbuf);
if (optlen > isc_buffer_remaininglength(&optbuf)) {
break;
}
switch (optcode) {
case DNS_OPT_COOKIE:
/*
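Review bot: the new `optlen > isc_buffer_remaininglength(&optbuf)` check in process_opt() exits the loop with a bare `break`, so a reply whose option length overruns the OPT data has its remaining options dropped with no comment in the code and no output to the user. The commit message says the OPT-record validator is expected to reject such replies first, so add a short comment above the check stating that it is defence in depth for that case. Also consider emitting a diagnostic before the `break`, so that a truncated option is distinguishable from a reply that simply carried fewer options.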