Commit 182a3400 authored by Mark Andrews's avatar Mark Andrews
Browse files

1463. [bug] dns_rdata_from{wire,struct}() failed to catch bad

                        NXT bit maps. [RT #5577]
parent 603658ea
1463. [bug] dns_rdata_from{wire,struct}() failed to catch bad
NXT bit maps. [RT #5577]
1462. [bug] parse_sizeval() failed to check the token type.
[RT #5586]
......
......@@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: result.h,v 1.97 2003/02/27 00:19:04 marka Exp $ */
/* $Id: result.h,v 1.98 2003/04/17 03:43:35 marka Exp $ */
#ifndef DNS_RESULT_H
#define DNS_RESULT_H 1
......@@ -135,8 +135,9 @@
#define DNS_R_CHASEDSSERVERS (ISC_RESULTCLASS_DNS + 91)
#define DNS_R_EMPTYNAME (ISC_RESULTCLASS_DNS + 92)
#define DNS_R_EMPTYWILD (ISC_RESULTCLASS_DNS + 93)
#define DNS_R_BADBITMAP (ISC_RESULTCLASS_DNS + 94)
#define DNS_R_NRESULTS 94 /* Number of results */
#define DNS_R_NRESULTS 95 /* Number of results */
/*
* DNS wire format rcodes.
......
......@@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: nxt_30.c,v 1.55 2002/02/20 03:34:54 marka Exp $ */
/* $Id: nxt_30.c,v 1.56 2003/04/17 03:43:35 marka Exp $ */
/* reviewed: Wed Mar 15 18:21:15 PST 2000 by brister */
......@@ -142,9 +142,9 @@ fromwire_nxt(ARGS_FROMWIRE) {
RETERR(dns_name_fromwire(&name, source, dctx, downcase, target));
isc_buffer_activeregion(source, &sr);
/* XXXRTH Enforce RFC 2535 length rules if bit 0 is not set. */
if (sr.length > 8 * 1024)
return (DNS_R_EXTRADATA);
if (sr.length > 0 && (sr.base[0] & 0x80) == 0 &&
((sr.length > 16) || sr.base[sr.length - 1] == 0))
return (DNS_R_BADBITMAP);
RETERR(mem_tobuffer(target, sr.base, sr.length));
isc_buffer_forward(source, sr.length);
return (ISC_R_SUCCESS);
......@@ -206,6 +206,10 @@ fromstruct_nxt(ARGS_FROMSTRUCT) {
REQUIRE(nxt->common.rdtype == type);
REQUIRE(nxt->common.rdclass == rdclass);
REQUIRE(nxt->typebits != NULL || nxt->len == 0);
if (nxt->typebits != NULL && (nxt->typebits[0] & 0x80) == 0) {
REQUIRE(nxt->len <= 16);
REQUIRE(nxt->typebits[nxt->len - 1] != 0);
}
UNUSED(type);
UNUSED(rdclass);
......
......@@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: result.c,v 1.107 2003/02/27 00:19:03 marka Exp $ */
/* $Id: result.c,v 1.108 2003/04/17 03:43:35 marka Exp $ */
#include <config.h>
......@@ -141,7 +141,8 @@ static const char *text[DNS_R_NRESULTS] = {
"unexpected OPCODE", /* 90 DNS_R_UNEXPECTEDOPCODE */
"chase DS servers", /* 91 DNS_R_CHASEDSSERVERS */
"empty name", /* 92 DNS_R_EMPTYNAME */
"empty wild" /* 93 DNS_R_EMPTYWILD */
"empty wild", /* 93 DNS_R_EMPTYWILD */
"bad bitmap" /* 94 DNS_R_BADBITMAP */
};
static const char *rcode_text[DNS_R_NRCODERESULTS] = {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment