mirror of
https://github.com/NLnetLabs/unbound.git
synced 2025-12-20 23:00:56 -05:00
- Fix Assert Causing DoS in synth_cname(),
reported by X41 D-Sec.
This commit is contained in:
W.C.A. Wijngaards
parent
5a00b31f86
commit
f5e06689d1
2 changed files with 6 additions and 0 deletions
|
|
@ -3,6 +3,8 @@
|
||||||
from 'quick' to 'basic' because this is an I/O lock.
|
from 'quick' to 'basic' because this is an I/O lock.
|
||||||
- Fix text around serial arithmatic used for RRSIG times to refer
|
- Fix text around serial arithmatic used for RRSIG times to refer
|
||||||
to correct RFC number.
|
to correct RFC number.
|
||||||
|
- Fix Assert Causing DoS in synth_cname(),
|
||||||
|
reported by X41 D-Sec.
|
||||||
|
|
||||||
2 December 2019: Wouter
|
2 December 2019: Wouter
|
||||||
- Merge pull request #122 from he32: In tcp_callback_writer(),
|
- Merge pull request #122 from he32: In tcp_callback_writer(),
|
||||||
|
|
|
||||||
|
|
@ -217,6 +217,10 @@ synth_cname(uint8_t* qname, size_t qnamelen, struct rrset_parse* dname_rrset,
|
||||||
size_t dtarglen;
|
size_t dtarglen;
|
||||||
if(!parse_get_cname_target(dname_rrset, &dtarg, &dtarglen))
|
if(!parse_get_cname_target(dname_rrset, &dtarg, &dtarglen))
|
||||||
return 0;
|
return 0;
|
||||||
|
if(qnamelen <= dname_rrset->dname_len)
|
||||||
|
return 0;
|
||||||
|
if(qnamelen == 0)
|
||||||
|
return 0;
|
||||||
log_assert(qnamelen > dname_rrset->dname_len);
|
log_assert(qnamelen > dname_rrset->dname_len);
|
||||||
/* DNAME from com. to net. with qname example.com. -> example.net. */
|
/* DNAME from com. to net. with qname example.com. -> example.net. */
|
||||||
/* so: \3com\0 to \3net\0 and qname \7example\3com\0 */
|
/* so: \3com\0 to \3net\0 and qname \7example\3com\0 */
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue