From 4236972de4c025d5aa1317f782c3df411457b79a Mon Sep 17 00:00:00 2001
From: Mark Andrews
Date: Sat, 15 Aug 2020 10:12:50 +1000
Subject: [PATCH] A6: return FORMERR in fromwire if bits are non zero.
oss_fuzz: Issue 24864: bind9:dns_rdata_fromwire_text_fuzzer: Overwrites-const-input in dns_rdata_fromwire_text_fuzzer
(cherry picked from commit 8452404bd7facb89790c32bab508f55bf8d37cea)
(cherry picked from commit d8a57d32b19942eea923eecfa1bdd863b3286835)
Conflict: NA
Reference: https://gitlab.isc.org/isc-projects/bind9/-/commit/4236972de4c025d5aa1317f782c3df411457b79a
---
lib/dns/rdata/in_1/a6_38.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/lib/dns/rdata/in_1/a6_38.c b/lib/dns/rdata/in_1/a6_38.c
index 1cdbe62d68..e69fc6fbc8 100644
--- a/lib/dns/rdata/in_1/a6_38.c
+++ b/lib/dns/rdata/in_1/a6_38.c
@@ -173,7 +173,9 @@ fromwire_in_a6(ARGS_FROMWIRE) {
 if (sr.length < octets)
 return (ISC_R_UNEXPECTEDEND);
 mask = 0xff >> (prefixlen % 8);
- sr.base[0] &= mask; /* Ensure pad bits are zero. */
+ if ((sr.base[0] & ~mask) != 0) {
+ return (DNS_R_FORMERR);
+ }
 RETERR(mem_tobuffer(target, sr.base, octets));
 isc_buffer_forward(source, octets);
 }
-- 
2.23.0
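Review bot: The new pad-bit check in fromwire_in_a6 has no comment, while the line it replaces held the only explanation of what `mask` is for. A line above the `if` such as `/* Pad bits must be zero; reject instead of clearing them, the wire source must not be written to. */` would record why the parser no longer normalises in place, which is the const-input overwrite the fuzzer reported. The diffstat shows only a6_38.c changing, so nothing pins the new behaviour. A wire-format case with a prefix length that is not a multiple of 8 and a pad bit set, expected to return DNS_R_FORMERR, would guard against a later return to mutating the source region. This also turns records that were previously accepted after masking into parse failures, which looks intentional but is a visible behaviour change. The body of fromwire_in_a6 starts and ends outside the hunk, so the computation of `octets` and `prefixlen` was not reviewed here.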