diff options
author | Lorenzo Colitti <lorenzo@google.com> | 2017-08-15 06:10:35 +0000 |
---|---|---|
committer | Lorenzo Colitti <lorenzo@google.com> | 2017-08-15 06:10:35 +0000 |
commit | d774c6e9191f5eac45dccd4d1f3f9eea67e2d5b6 (patch) | |
tree | 51857a8e3fdb733c19c1e060b9969836d727728e | |
parent | 0e86c5a1d5f45e700cad5d7ed47c2b298e6e170b (diff) | |
parent | 31b84030c588539f56899862db06adaa48435391 (diff) | |
download | dnsmasq-d774c6e9191f5eac45dccd4d1f3f9eea67e2d5b6.tar.gz |
[automerger] Make dnsmasq more stable. am: f25df86146 am: 284fd86f87 am: 31b84030c5
Change-Id: I0a825c0b4a24b181218f90c84a361f438cfa1118
-rwxr-xr-x | src/rfc1035.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/rfc1035.c b/src/rfc1035.c index ca5ceba..a12c3b0 100755 --- a/src/rfc1035.c +++ b/src/rfc1035.c @@ -48,7 +48,7 @@ static int extract_name(HEADER *header, size_t plen, unsigned char **pp, /* end marker */ { /* check that there are the correct no of bytes after the name */ - if (!CHECK_LEN(header, p, plen, extrabytes)) + if (!CHECK_LEN(header, p1 ? p1 : p, plen, extrabytes)) return 0; if (isExtract) @@ -1140,6 +1140,9 @@ size_t answer_request(HEADER *header, char *limit, size_t qlen, struct crec *crecp; int nxdomain = 0, auth = 1, trunc = 0; struct mx_srv_record *rec; + + // Make sure we do not underflow here too. + if (qlen > (limit - ((char *)header))) return 0; /* If there is an RFC2671 pseudoheader then it will be overwritten by partial replies, so we have to do a dry run to see if we can answer |