From 619b808b31be5f0dd180e2701b62b49572fc3c11 Mon Sep 17 00:00:00 2001 From: Wouter Wijngaards Date: Wed, 26 Apr 2017 09:03:15 +0000 Subject: [PATCH] - Based on #1257: check parse limit before t increment in sldns RR string parse routine. git-svn-id: file:///svn/unbound/trunk@4133 be551aaa-1e26-0410-a405-d3ace91eadb9 --- doc/Changelog | 4 ++++ sldns/parse.c | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/doc/Changelog b/doc/Changelog index ee6e3222f..3b911d686 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -1,3 +1,7 @@ +26 April 2017: Wouter + - Based on #1257: check parse limit before t increment in sldns RR + string parse routine. + 24 April 2017: Wouter - unbound-checkconf -o allows query of dnstap config variables. Also unbound-control get_option. Also for dnscrypt. diff --git a/sldns/parse.c b/sldns/parse.c index 35dee7196..e30a753a4 100644 --- a/sldns/parse.c +++ b/sldns/parse.c @@ -120,6 +120,10 @@ sldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *l if (line_nr) { *line_nr = *line_nr + 1; } + if (limit > 0 && (i >= limit || (size_t)(t-token) >= limit)) { + *t = '\0'; + return -1; + } *t++ = ' '; prev_c = c; continue;