mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2026-02-09 03:11:07 +01:00
Code Issues Projects Releases Wiki Activity

BUG/MEDIUM: dns: Don't prevent reading the last byte of the payload in dns_validate_response()

Browse Source 
A regression was introduced with efbbdf72 BUG: dns: Prevent out-of-bounds
read in dns_validate_dns_response() as it prevented from taking into account
the last byte of the payload.  this patch aims at fixing it.

this must be backported in 1.8.
This commit is contained in:
Jrme Magnin 2018-12-20 16:47:31 +01:00 committed by Willy Tarreau
parent 645b33d233
commit 8d4e7dc880
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/dns.c
View File

@ -810,7 +810,7 @@ static int dns_validate_dns_response(unsigned char *resp, unsigned char *bufend,
/* Move forward 2 bytes for data len */
reader += 2;
if (reader + dns_answer_record->data_len >= bufend) {
if (reader + dns_answer_record->data_len > bufend) {
pool_free(dns_answer_item_pool, dns_answer_record);
return DNS_RESP_INVALID;
}