Check that there is enough data for the required elements
of an NAPTR record (2 int16, 3 bytes for string lengths)
before processing a record.
Bug: https://c-ares.haxx.se/adv_20170620.html
Link: https://c-ares.haxx.se/CVE-2017-1000381.patch
Change-Id: I16056280817af5cd7a62ddc366280c73391cbc6a
Signed-off-by: Nishant Chaprana <n.chaprana@samsung.com>
status = ARES_EBADRESP;
break;
}
+ /* RR must contain at least 7 bytes = 2 x int16 + 3 x name */
+ if (rr_len < 7)
+ {
+ status = ARES_EBADRESP;
+ break;
+ }
/* Check if we are really looking at a NAPTR record */
if (rr_class == C_IN && rr_type == T_NAPTR)
return ARES_SUCCESS;
}
-