Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 2d19fbcab21356f5aee1f2a52591a38665360bb6
commit2d19fbcab21356f5aee1f2a52591a38665360bb6[log] [tgz]
authorRemi Gacogne <remi.gacogne@powerdns.com>Wed Dec 05 17:55:10 2018 +0100
committerWilly Tarreau <w@1wt.eu>Wed Dec 12 14:44:13 2018 +0100
treeb5bb53b852ce75d4f76b15eb74e95bc857b0c10e
parent58df5aea0a0c926b2238f65908f5e9f83d1cca25 [diff]
BUG: dns: Prevent out-of-bounds read in dns_read_name()

Some callers of dns_read_name() do not make sure that we can read
the first byte, holding the length of the next label, without going
past our buffer, so we need to make sure of that.
In addition, if the label is a compressed one we need to make sure
that we can read the following byte to compute the target offset.

To be backported to 1.8, probably also 1.7.
1 file changed
tree: b5bb53b852ce75d4f76b15eb74e95bc857b0c10e
  1. contrib/
  2. doc/
  3. ebtree/
  4. examples/
  5. include/
  6. reg-tests/
  7. scripts/
  8. src/
  9. tests/
  10. .gitignore
  11. CHANGELOG
  12. CONTRIBUTING
  13. LICENSE
  14. MAINTAINERS
  15. Makefile
  16. README
  17. ROADMAP
  18. SUBVERS
  19. VERDATE
  20. VERSION