From 0b729df06cb29cf7a3ff59b876e9a2ecb7fac2b1 Mon Sep 17 00:00:00 2001
From: Olafur Gudmundsson <ogud@ogud.com>
Date: Tue, 21 Feb 2017 14:36:40 -0800
Subject: [PATCH] limiting domain names to 255/63 octets/labels (#463)

---
 msg.go | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/msg.go b/msg.go
index 57262a10..b5c074f0 100644
--- a/msg.go
+++ b/msg.go
@@ -327,6 +327,7 @@ End:
 // UnpackDomainName unpacks a domain name into a string.
 func UnpackDomainName(msg []byte, off int) (string, int, error) {
 	s := make([]byte, 0, 64)
+	labels := 0
 	off1 := 0
 	lenmsg := len(msg)
 	ptr := 0 // number of pointers followed
@@ -369,6 +370,15 @@ Loop:
 					}
 				}
 			}
+			// never exceed the allowed label count lenght (63) 
+			if labels >= 63 { 
+				return "", lenmsg, &Error{err: "name exceeds 63 labels"}
+			}
+			labels += 1
+			// never exceed the allowed doman name length (255 octets) 
+			if len(s) >= 255 {
+				return "", lenmsg, &Error{err: "name exceeded allowed 255 octets"}
+			}
 			s = append(s, '.')
 			off += c
 		case 0xC0:
@@ -388,6 +398,9 @@ Loop:
 			if ptr++; ptr > 10 {
 				return "", lenmsg, &Error{err: "too many compression pointers"}
 			}
+			// pointer should guarantee that it advances and points forwards at least
+			// but the condition on previous three lines guarantees that it's
+			// at least loop-free
 			off = (c^0xC0)<<8 | int(c1)
 		default:
 			// 0x80 and 0x40 are reserved