From ef120738c00c83117060804d734976da898d365f Mon Sep 17 00:00:00 2001
From: Ralph Dolmans <ralph@nlnetlabs.nl>
Date: Wed, 29 Jan 2020 10:57:29 +0100
Subject: [PATCH] - Fix RPZ's get_tld_label maxdnamelen check

---
 services/rpz.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/services/rpz.c b/services/rpz.c
index 72397998f..37ea2aa53 100644
--- a/services/rpz.c
+++ b/services/rpz.c
@@ -118,13 +118,17 @@ get_tld_label(uint8_t* dname, size_t maxdnamelen)
 	uint8_t* prevlab = dname;
 	size_t dnamelen = 0;
 
+	/* one byte needed for label length */
+	if(dnamelen+1 > maxdnamelen)
+		return NULL;
+
 	/* only root label */
 	if(*dname == 0)
 		return NULL;
 
 	while(*dname) {
 		dnamelen += ((size_t)*dname)+1;
-		if(dnamelen > maxdnamelen)
+		if(dnamelen+1 > maxdnamelen)
 			return NULL;
 		dname = dname+((size_t)*dname)+1;
 		if(*dname != 0)