upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-26 11:22:52 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
bind9/lib
History
Ondřej Surý 2bbbd60de3
Reject oversized RRsets at slab construction 
dns_rdataslab_fromrdataset(), dns_rdataslab_merge() and
dns_rdataslab_subtract() summed per-record storage into an
unsigned int with no upper-bound check.  An RRset whose total
encoded size exceeds DNS_RDATA_MAXLENGTH cannot fit in a DNS
message and is unservable; building its in-memory representation
only burns memory on data that will fail at response time, and at
the upper bound the running sum could in theory wrap.

Cap the running total at DNS_RDATA_MAXLENGTH and return ISC_R_NOSPACE
when exceeded.  Update the qpdb cache memory-purge test to use a
record size that fits within the new limit.

Assisted-by: Claude:claude-opus-4-7
(cherry picked from commit f9d24b1b85)
2026-05-05 19:24:29 +02:00
..
dns Reject oversized RRsets at slab construction 2026-05-05 19:24:29 +02:00
isc Dispatch ratelimiter events under the lock 2026-04-30 10:53:49 +02:00
isccc Remove redundant parentheses from the return statement 2024-11-19 14:26:52 +01:00
isccfg Fix KASP key leaks on keystore lookup failure 2026-03-16 11:05:03 +01:00
ns Fix swapped arguments in redirect2() single-label branch 2026-04-30 07:38:57 +02:00
.gitignore The isc/platform.h header has been completely removed 2021-07-06 05:33:48 +00:00
Makefile.am Move irs_resconf into libdns and remove libirs 2023-02-24 09:38:59 +00:00