diff --git a/bin/tests/wire_test.c b/bin/tests/wire_test.c index 5b079ce3ea..b21f5f0f52 100644 --- a/bin/tests/wire_test.c +++ b/bin/tests/wire_test.c @@ -287,7 +287,7 @@ process_message(isc_buffer_t *source) { } if (dorender) { - unsigned char b2[64 * 1024]; + unsigned char b2[65535]; isc_buffer_t buffer; dns_compress_t cctx; diff --git a/lib/dns/include/dns/message.h b/lib/dns/include/dns/message.h index b5d9a5a168..940c9b1748 100644 --- a/lib/dns/include/dns/message.h +++ b/lib/dns/include/dns/message.h @@ -597,7 +597,7 @@ dns_message_renderbegin(dns_message_t *msg, dns_compress_t *cctx, * *\li 'cctx' be valid. * - *\li 'buffer' is a valid buffer. + *\li 'buffer' is a valid buffer with length less than 65536. * * Side Effects: * diff --git a/lib/dns/message.c b/lib/dns/message.c index 1b983d9194..761a8e1471 100644 --- a/lib/dns/message.c +++ b/lib/dns/message.c @@ -1774,6 +1774,7 @@ dns_message_renderbegin(dns_message_t *msg, dns_compress_t *cctx, REQUIRE(DNS_MESSAGE_VALID(msg)); REQUIRE(buffer != NULL); + REQUIRE(isc_buffer_length(buffer) < 65536); REQUIRE(msg->buffer == NULL); REQUIRE(msg->from_to_wire == DNS_MESSAGE_INTENTRENDER); diff --git a/lib/ns/xfrout.c b/lib/ns/xfrout.c index 9380924bf6..1429d3be6b 100644 --- a/lib/ns/xfrout.c +++ b/lib/ns/xfrout.c @@ -1264,7 +1264,7 @@ xfrout_ctx_create(isc_mem_t *mctx, ns_client_t *client, unsigned int id, * Note that although 65535-byte RRs are allowed in principle, they * cannot be zone-transferred (at least not if uncompressible), * because the message and RR headers would push the size of the - * TCP message over the 65536 byte limit. + * TCP message over the 65535 byte limit. */ mem = isc_mem_get(mctx, len); isc_buffer_init(&xfr->buf, mem, len); diff --git a/tests/libtest/ns.c b/tests/libtest/ns.c index 4a53ad8fc6..16eaefcfe1 100644 --- a/tests/libtest/ns.c +++ b/tests/libtest/ns.c @@ -290,7 +290,7 @@ attach_query_msg_to_client(ns_client_t *client, const char *qnamestr, dns_rdatatype_t qtype, unsigned int qflags) { dns_rdataset_t *qrdataset = NULL; dns_message_t *message = NULL; - unsigned char query[65536]; + unsigned char query[65535]; dns_name_t *qname = NULL; isc_buffer_t querybuf; dns_compress_t cctx;