mirror of
https://github.com/isc-projects/bind9.git
synced 2026-05-22 01:56:00 -04:00
0d0f69db89
process_opt() reads the per-option (optcode, optlen) header from the OPT rdata and then advances the buffer by optlen, both for the COOKIE branch (via process_cookie()) and for any other optcode. The walk itself never compared optlen to the buffer remainder; the only reason it cannot trip the isc_buffer_forward() REQUIRE today is that fromwire_opt() (lib/dns/rdata/generic/opt_41.c) already validates each option's length against the rdata bounds before the rdataset is handed back, so process_opt() never sees a self-inconsistent rdata. That upstream guarantee is fine, but it leaves the local walker trusting an invariant established elsewhere. Add a defensive check that just stops the walk when a future caller (a cached message, an alternate parser, a refactor of the OPT validator) hands process_opt() a buffer where optlen would run past the end. Assisted-by: Claude:claude-opus-4-7 |
||
|---|---|---|
| .. | ||
| check | ||
| confgen | ||
| delv | ||
| dig | ||
| dnssec | ||
| include | ||
| named | ||
| nsupdate | ||
| plugins | ||
| rndc | ||
| tests | ||
| tools | ||
| meson.build | ||