prevent CNAME/PTR parsing from reading data past the response end - grovel - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Alexey Izbyshev <izbyshev@ispras.ru>	2023-01-29 19:46:51 +0300
committer	Rich Felker <dalias@aerifal.cx>	2023-02-27 10:03:06 -0500
commit	9b132e556774c744f9052581d2d8d0fab417e97c (patch)
tree	cbb516502c92f69bb6b01c82dbb7c30fed845c56 /src/network/res_msend.c
parent	fix out-of-bounds reads in __dns_parse (diff)
download	grovel-9b132e556774c744f9052581d2d8d0fab417e97c.tar.gz grovel-9b132e556774c744f9052581d2d8d0fab417e97c.tar.xz

prevent CNAME/PTR parsing from reading data past the response end

DNS parsing callbacks pass the response buffer end instead of the actual response end to dn_expand, so a malformed DNS response can use message compression to make dn_expand jump past the response end and attempt to parse uninitialized parts of that buffer, which might succeed and return garbage.

Diffstat (limited to 'src/network/res_msend.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: