From cf8418c3194d351f08c02fc7fd9b1a0cc388b5a2 Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Wed, 2 Jun 2021 12:56:54 +0200
Subject: [PATCH] Rewrite SVCB rdata in correct order

---
 sldns/str2wire.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/sldns/str2wire.c b/sldns/str2wire.c
index 5d3950fa7..e72037017 100644
--- a/sldns/str2wire.c
+++ b/sldns/str2wire.c
@@ -640,14 +640,14 @@ static int sldns_str2wire_check_svcbparams(uint8_t* rdata, uint16_t rdata_len)
 		svcparams[nparams] = rdata_ptr;
 		if (rdata_remaining < 4)
 			// @TODO verify that these are correct
-			return LDNS_WIREPARSE_ERR_OK;
+			return LDNS_WIREPARSE_ERR_GENERAL;
 		svcbparam_len = sldns_read_uint16(rdata_ptr + 2);
 		rdata_remaining -= 4;
 		rdata_ptr += 4;
 
 		if (rdata_remaining < svcbparam_len)
 			// @TODO verify that these are correct
-			return LDNS_WIREPARSE_ERR_OK;
+			return LDNS_WIREPARSE_ERR_GENERAL;
 		rdata_remaining -= svcbparam_len;
 		rdata_ptr += svcbparam_len;
 
@@ -655,7 +655,7 @@ static int sldns_str2wire_check_svcbparams(uint8_t* rdata, uint16_t rdata_len)
 		if (nparams > sizeof(svcparams))
 			// @TODO Too many svcparams. Unbound allows only
 			//       sizeof(svcparams) svcparams.
-			return LDNS_WIREPARSE_ERR_OK;
+			return LDNS_WIREPARSE_ERR_GENERAL;
 	}
 
 	/* In draft-ietf-dnsop-svcb-https-05 Section 7:
@@ -714,11 +714,13 @@ static int sldns_str2wire_check_svcbparams(uint8_t* rdata, uint16_t rdata_len)
 		uint16_t svcparam_len = sldns_read_uint16(svcparams[i] + 2)
 		                      + 2 * sizeof(uint16_t);
 
+		if (new_rdata_ptr + svcparam_len - new_rdata > sizeof(new_rdata))
+			return LDNS_WIREPARSE_ERR_BUFFER_TOO_SMALL;
+
 		memcpy(new_rdata_ptr, svcparams[i], svcparam_len);
 		new_rdata_ptr += svcparam_len;
 	}
 	memcpy(rdata, new_rdata, rdata_len);
-
 	return LDNS_WIREPARSE_ERR_OK;
 }