diff options
| author | Florian Obser <florian@cvs.openbsd.org> | 2020-05-14 06:08:42 +0000 |
|---|---|---|
| committer | Florian Obser <florian@cvs.openbsd.org> | 2020-05-14 06:08:42 +0000 |
| commit | f57fb0d0486d7aafc358ce2efaa001618a4eb084 (patch) | |
| tree | fa5705167711c032ea4c61c37b240999e5f32cc7 /usr.sbin/nsd/edns.c | |
| parent | 989557496ac66d0804ed6d9c4d50fff6000a8bc9 (diff) | |
Update to 4.3.1
Testing & OK sthen
Diffstat (limited to 'usr.sbin/nsd/edns.c')
| -rw-r--r-- | usr.sbin/nsd/edns.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/usr.sbin/nsd/edns.c b/usr.sbin/nsd/edns.c index 72a38d0a300..c6012b21111 100644 --- a/usr.sbin/nsd/edns.c +++ b/usr.sbin/nsd/edns.c @@ -128,13 +128,16 @@ edns_parse_record(edns_record_type *edns, buffer_type *packet, if (opt_rdlen > 0) { if(!buffer_available(packet, opt_rdlen)) return 0; + if(opt_rdlen > 65530) + return 0; /* there is more to come, read opt code */ while(opt_rdlen >= 4) { uint16_t optcode = buffer_read_u16(packet); uint16_t optlen = buffer_read_u16(packet); - if(opt_rdlen < 4+optlen) + opt_rdlen -= 4; + if(opt_rdlen < optlen) return 0; /* opt too long, formerr */ - opt_rdlen -= (4+optlen); + opt_rdlen -= optlen; if(!edns_handle_option(optcode, optlen, packet, edns, query, nsd)) return 0; |