openbsd/src
1
0
Fork 0
mirror of https://github.com/openbsd/src.git synced 2026-04-26 07:05:54 +00:00
Code Issues Projects Releases Wiki Activity

fix possible out of bound access in dname_expand()

Browse Source 
spotted by Renaud Allard (thanks!), diff tweaked by me.

ok deraadt@
This commit is contained in:
op
2026-04-01 11:19:01 +00:00
parent ffc378411d
commit 76af690f2b
1 changed files with 6 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
usr.sbin/smtpd/unpack_dns.c
View File

@@ -1,4 +1,4 @@
/* $OpenBSD: unpack_dns.c,v 1.3 2022/01/20 14:18:10 naddy Exp $ */
/* $OpenBSD: unpack_dns.c,v 1.4 2026/04/01 11:19:01 op Exp $ */
/*
* Copyright (c) 2011-2014 Eric Faurot <eric@faurot.net>
@@ -147,13 +147,14 @@ dname_expand(const unsigned char *data, size_t len, size_t offset,
size_t n, count, end, ptr, start;
ssize_t res;
if (offset >= len)
return (-1);
res = 0;
end = start = offset;
for (; (n = data[offset]); ) {
for (;;) {
if (offset >= len)
return (-1);
n = data[offset];
if ((n & 0xc0) == 0xc0) {
if (offset + 2 > len)
return (-1);