upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-20 23:00:56 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

- Add extra dnamelen checks to ipdnametoaddr and netblockdnametoaddr

Browse source
This commit is contained in:
Ralph Dolmans 2020-01-29 15:16:44 +01:00
parent 7da16febc4
commit 88a706acf8
1 changed files with 16 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
util/net_help.c
View file

@ -296,6 +296,11 @@ static int ipdnametoaddr(uint8_t* dname, size_t dnamelen,
size_t len = 0; size_t len = 0;
int i; int i;
*af = AF_INET; *af = AF_INET;
/* need 1 byte for label length */
if(dnamelen < 1)
return 0;
if(dnamelabs > 6 || if(dnamelabs > 6 ||
dname_has_label(dname, dnamelen, (uint8_t*)"\002zz")) { dname_has_label(dname, dnamelen, (uint8_t*)"\002zz")) {
*af = AF_INET6; *af = AF_INET6;
@ -363,17 +368,23 @@ int netblockdnametoaddr(uint8_t* dname, size_t dnamelen,
struct sockaddr_storage* addr, socklen_t* addrlen, int* net, int* af) struct sockaddr_storage* addr, socklen_t* addrlen, int* net, int* af)
{ {
char buff[3 /* 3 digit netblock */ + 1]; char buff[3 /* 3 digit netblock */ + 1];
if(*dname > 3) size_t nlablen;
if(dnamelen < 1 || *dname > 3)
/* netblock invalid */ /* netblock invalid */
return 0; return 0;
memcpy(buff, dname+1, *dname); nlablen = *dname;
buff[*dname] = '\0';
if(dnamelen < 1 + nlablen)
return 0;
memcpy(buff, dname+1, nlablen);
buff[nlablen] = '\0';
*net = atoi(buff); *net = atoi(buff);
if(*net == 0 && strcmp(buff, "0") != 0) if(*net == 0 && strcmp(buff, "0") != 0)
return 0; return 0;
dname += *dname; dname += nlablen;
dname++; dname++;
if(!ipdnametoaddr(dname, dnamelen, addr, addrlen, af)) if(!ipdnametoaddr(dname, dnamelen-1-nlablen, addr, addrlen, af))
return 0; return 0;
if((*af == AF_INET6 && *net > 128) || (*af == AF_INET && *net > 32)) if((*af == AF_INET6 && *net > 128) || (*af == AF_INET && *net > 32))
return 0; return 0;