packages/bind
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
bind/backport-0005-NSEC3PARAM-check-that-saltlen-is-consistent-with-the.patch
jiangheng ad37c37958 backport some patches from community 
(cherry picked from commit a9fd9ece9b9436b6103d084920c6897ef1adbae6)
2022-09-03 21:36:21 +08:00

32 lines
1.0 KiB
Diff
Raw Blame History

From 712d3a50df589b6937d8b3537967cf16352bb31b Mon Sep 17 00:00:00 2001
From: Mark Andrews <marka@isc.org>
Date: Thu, 13 Aug 2020 13:21:46 +1000
Subject: [PATCH] NSEC3PARAM: check that saltlen is consistent with the rdata
length
(cherry picked from commit 7dc8e720ff1360837fc8c0649445bcaa2b1236d4)
Conflict: NA
Reference: https://gitlab.isc.org/isc-projects/bind9/-/commit/712d3a50df589b6937d8b3537967cf16352bb31b
---
lib/dns/rdata/generic/nsec3param_51.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/dns/rdata/generic/nsec3param_51.c b/lib/dns/rdata/generic/nsec3param_51.c
index 6140276b54..c515e33c0f 100644
--- a/lib/dns/rdata/generic/nsec3param_51.c
+++ b/lib/dns/rdata/generic/nsec3param_51.c
@@ -156,8 +156,9 @@ fromwire_nsec3param(ARGS_FROMWIRE) {
saltlen = sr.base[4];
isc_region_consume(&sr, 5);
- if (sr.length < saltlen)
+ if (sr.length != saltlen) {
RETERR(DNS_R_FORMERR);
+ }
isc_region_consume(&sr, saltlen);
RETERR(mem_tobuffer(target, rr.base, rr.length));
isc_buffer_forward(source, rr.length);
--
2.23.0
Reference in New Issue View Git Blame Copy Permalink