From 8452404bd7facb89790c32bab508f55bf8d37cea Mon Sep 17 00:00:00 2001
From: Mark Andrews <marka@isc.org>
Date: Sat, 15 Aug 2020 10:12:50 +1000
Subject: [PATCH] A6: return FORMERR in fromwire if bits are non zero.

oss_fuzz: Issue 24864: bind9:dns_rdata_fromwire_text_fuzzer: Overwrites-const-input in dns_rdata_fromwire_text_fuzzer
---
 lib/dns/rdata/in_1/a6_38.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/dns/rdata/in_1/a6_38.c b/lib/dns/rdata/in_1/a6_38.c
index ac721aad4c..d69c5d3dc2 100644
--- a/lib/dns/rdata/in_1/a6_38.c
+++ b/lib/dns/rdata/in_1/a6_38.c
@@ -182,7 +182,9 @@ fromwire_in_a6(ARGS_FROMWIRE) {
 			return (ISC_R_UNEXPECTEDEND);
 		}
 		mask = 0xff >> (prefixlen % 8);
-		sr.base[0] &= mask; /* Ensure pad bits are zero. */
+		if ((sr.base[0] & ~mask) != 0) {
+			return (DNS_R_FORMERR);
+		}
 		RETERR(mem_tobuffer(target, sr.base, octets));
 		isc_buffer_forward(source, octets);
 	}