author | Cy Schubert <cy@FreeBSD.org> | 2024-05-10 20:48:53 +0000 |
---|---|---|
committer | Cy Schubert <cy@FreeBSD.org> | 2024-05-10 20:48:53 +0000 |
commit | c2a80056864d6eda0398fd127dc0ae515b39752b (patch) | |
tree | 92e6196ae61df0fa7e4db654f78dfd837cc41826 /util/net_help.c | |
parent | 5a33598e88ad8fbc0affa74dee0a2d8cc4010fbc (diff) |
unbound: Vendor import 1.20.0vendor/unbound/1.20.0
Release notes at
https://www.nlnetlabs.nl/news/2024/May/08/unbound-1.20.0-released/
Security: The DNSBomb vulnerability CVE-2024-33655
Diffstat (limited to 'util/net_help.c')
-rw-r--r-- | util/net_help.c | 36 |
1 files changed, 24 insertions, 12 deletions
diff --git a/util/net_help.c b/util/net_help.c
index 8970247926d7..d2218ea88332 100644
--- a/util/net_help.c
+++ b/util/net_help.c
@@ -77,6 +77,8 @@
 /** max length of an IP address (the address portion) that we allow */
 #define MAX_ADDR_STRLEN 128 /* characters */
+/** max length of a hostname (with port and tls name) that we allow */
+#define MAX_HOST_STRLEN (LDNS_MAX_DOMAINLEN * 3) /* characters */
 /** default value for EDNS ADVERTISED size */
 uint16_t EDNS_ADVERTISED_SIZE = 4096;
@@ -486,28 +488,38 @@ uint8_t* authextstrtodname(char* str, int* port, char** auth_name)
 *port = UNBOUND_DNS_PORT;
 *auth_name = NULL;
 if((s=strchr(str, '@'))) {
+ char buf[MAX_HOST_STRLEN];
+ size_t len = (size_t)(s-str);
 char* hash = strchr(s+1, '#');
 if(hash) {
 *auth_name = hash+1;
 } else {
 *auth_name = NULL;
 }
+ if(len >= MAX_HOST_STRLEN) {
+ return NULL;
+ }
+ (void)strlcpy(buf, str, sizeof(buf));
+ buf[len] = 0;
 *port = atoi(s+1);
 if(*port == 0) {
 if(!hash && strcmp(s+1,"0")!=0)
- return 0;
+ return NULL;
 if(hash && strncmp(s+1,"0#",2)!=0)
- return 0;
+ return NULL;
 }
- *s = 0;
- dname = sldns_str2wire_dname(str, &dname_len);
- *s = '@';
+ dname = sldns_str2wire_dname(buf, &dname_len);
 } else if((s=strchr(str, '#'))) {
+ char buf[MAX_HOST_STRLEN];
+ size_t len = (size_t)(s-str);
+ if(len >= MAX_HOST_STRLEN) {
+ return NULL;
+ }
+ (void)strlcpy(buf, str, sizeof(buf));
+ buf[len] = 0;
 *port = UNBOUND_DNS_OVER_TLS_PORT;
 *auth_name = s+1;
- *s = 0;
- dname = sldns_str2wire_dname(str, &dname_len);
- *s = '#';
+ dname = sldns_str2wire_dname(buf, &dname_len);
 } else {
 dname = sldns_str2wire_dname(str, &dname_len);
 }
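Review bot: The port is still taken with `*port = atoi(s+1);` in the `'@'` branch and only the zero case is rejected, so input such as `example.com@99999` or `example.com@-1` is accepted and handed back in `*port`; whether an out-of-range value is caught later depends on the callers, which are outside this hunk. A bounded parse would close that: `char* end; long p = strtol(s+1, &end, 10); if(end == s+1 || p < 0 || p > 65535 || (*end != 0 && *end != '#')) return NULL; *port = (int)p;` — this keeps `host@0` and `host@0#name` working as the current zero check does, while also rejecting trailing garbage such as `host@53x` that `atoi` silently truncates. The new copy in both branches, `(void)strlcpy(buf, str, sizeof(buf)); buf[len] = 0;`, copies the whole input including the `@port#name` tail and then truncates; `memcpy(buf, str, len); buf[len] = 0;` does the same work, stays within the `len < MAX_HOST_STRLEN` bound already checked, and does not depend on `strlcpy` being available. The two branches now duplicate the length check and copy verbatim, so a small static helper that copies `str` up to `s` into `buf` or returns failure would keep them in step. authextstrtodname's body begins and ends outside the hunk.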
@@ -1026,11 +1038,11 @@ static void log_crypto_err_io_code_arg(const char* str, int r,
 } else {
 if(print_errno) {
 if(errno == 0)
- log_err("str: syscall error with errno %s",
- strerror(errno));
- else log_err("str: %s", strerror(errno));
+ log_err("%s: syscall error with errno %s",
+ str, strerror(errno));
+ else log_err("%s: %s", str, strerror(errno));
 } else {
- log_err("str: %s", inf);
+ log_err("%s: %s", str, inf);
 }
 }
 } |
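Review bot: `errno` is read twice on the new side, once in `if(errno == 0)` and again inside the `log_err("%s: syscall error with errno %s", str, strerror(errno));` call, and nothing in the hunk shows it being saved at the point of the failing I/O; any library call made between that failure and this logging (the `if` branch this `else` pairs with is outside the hunk) may overwrite it, and `strerror` itself is permitted to do so. Capturing it once at function entry, `int saved_errno = errno;`, and using `saved_errno` in both places makes the message report the error that actually occurred. The `errno == 0` path also formats `strerror(0)`, which yields a platform string such as "Success", so the message reads "syscall error with errno Success"; if the intent is to flag a missing errno, `log_err("%s: syscall error with errno 0", str);` says so directly. The change itself is correct in passing `str` as a `%s` argument rather than as the format string. log_crypto_err_io_code_arg starts outside the hunk.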