From 1fa65c593c6d2fbafe9d0f7caa6eb1c8034da2e0 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Wed, 16 Jul 2014 03:29:20 +0200 Subject: [PATCH] dns-domain: never allow labels that are larger than 63 chars --- src/resolve/resolved-dns-domain.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/resolve/resolved-dns-domain.c b/src/resolve/resolved-dns-domain.c index 33ae261..27739c1 100644 --- a/src/resolve/resolved-dns-domain.c +++ b/src/resolve/resolved-dns-domain.c @@ -45,6 +45,9 @@ int dns_label_unescape(const char **name, char *dest, size_t sz) { if (sz <= 0) return -ENOSPC; + if (r >= DNS_LABEL_MAX) + return -EINVAL; + if (*n == '\\') { /* Escaped character */ @@ -114,6 +117,9 @@ int dns_label_escape(const char *p, size_t l, char **ret) { assert(p); assert(ret); + if (l > DNS_LABEL_MAX) + return -EINVAL; + s = malloc(l * 4 + 1); if (!s) return -ENOMEM; -- 2.7.4