mirror of
https://github.com/isc-projects/bind9.git
synced 2026-05-21 09:26:12 -04:00
0d0f69db89
process_opt() reads the per-option (optcode, optlen) header from the OPT rdata and then advances the buffer by optlen, both for the COOKIE branch (via process_cookie()) and for any other optcode. The walk itself never compared optlen to the buffer remainder; the only reason it cannot trip the isc_buffer_forward() REQUIRE today is that fromwire_opt() (lib/dns/rdata/generic/opt_41.c) already validates each option's length against the rdata bounds before the rdataset is handed back, so process_opt() never sees a self-inconsistent rdata. That upstream guarantee is fine, but it leaves the local walker trusting an invariant established elsewhere. Add a defensive check that just stops the walk when a future caller (a cached message, an alternate parser, a refactor of the OPT validator) hands process_opt() a buffer where optlen would run past the end. Assisted-by: Claude:claude-opus-4-7 |
||
|---|---|---|
| .. | ||
| .gitignore | ||
| dig.c | ||
| dig.rst | ||
| dighost.c | ||
| dighost.h | ||
| host.c | ||
| host.rst | ||
| meson.build | ||
| nslookup.c | ||
| nslookup.rst | ||