Home Explore Help
Sign In
hongwenjun
/
musl
mirror of https://git.musl-libc.org/git/musl
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

fix rejection of dns responses with pointers past 512 byte offset

the __dns_parse code used by the stub resolver traditionally included
code to reject label pointers to offsets past a 512 byte limit,
despite never processing the label contents, only stepping over them.
when commit 51d4669fb97782f6a66606da852b5afd49a08001 added support for
tcp fallback, this limit was overlooked, and as a result, it was at
least theoretically possible for some valid large answers to be
rejected on account of these offsets.

since the limit was never serving any useful purpose, just remove it.
Rich Felker 1 year ago
parent
a4ecaf89a9
commit
83b858f83b
1 changed files with 2 additions and 2 deletions
Split View Show Diff Stats
  1. 2 2
      src/network/dns_parse.c

+ 2 - 2
src/network/dns_parse.c
View File 

@@ -15,13 +15,13 @@ int __dns_parse(const unsigned char *r, int rlen, int (*callback)(void *, int, c
 
 	if (qdcount+ancount > 64) return -1;
 
 	while (qdcount--) {
 
 		while (p-r < rlen && *p-1U < 127) p++;
 
-		if (p>r+rlen-6 || *p>193 || (*p==193 && p[1]>254))
 
+		if (p>r+rlen-6)
 
 			return -1;
 
 		p += 5 + !!*p;
 
 	}
 
 	while (ancount--) {
 
 		while (p-r < rlen && *p-1U < 127) p++;
 
-		if (p>r+rlen-12 || *p>193 || (*p==193 && p[1]>254))
 
+		if (p>r+rlen-12)
 
 			return -1;
 
 		p += 1 + !!*p;
 
 		len = p[8]*256 + p[9];