mirror of
https://github.com/isc-projects/bind9.git
synced 2026-07-15 10:00:55 -04:00
Add a maximum length for isc_url_parse() input buffer
The isc_url_parse() function failed to check the input buffer's
length and assumed that it can't be bigger than UINT16_MAX, because
both the 'off' and 'len' fields of the 'isc_url_parser_t' structure
are uint16_t.
Add a check to not accept a buffer longer than UINT16_MAX.
(cherry picked from commit b878f82409)
This commit is contained in:
parent
c3733e12f9
commit
fe24f3249b
1 changed files with 2 additions and 2 deletions
|
|
@ -549,8 +549,8 @@ isc_url_parse(const char *buf, size_t buflen, bool is_connect,
|
|||
int found_at = 0;
|
||||
const char *p = NULL;
|
||||
|
||||
if (buflen == 0) {
|
||||
return ISC_R_FAILURE;
|
||||
if (buflen == 0 || buflen > UINT16_MAX) {
|
||||
return ISC_R_RANGE;
|
||||
}
|
||||
|
||||
up->port = up->field_set = 0;
|
||||
|
|
|
|||
Loading…
Reference in a new issue