mirror of
https://sourceware.org/git/glibc.git
synced 2024-12-23 03:10:05 +00:00
Handle overly large answer buffers in resolver.
In EDNS0 records the maximum result size is transmitted in a 16 bit value. Large buffer sizes were handled incorrectly by using only the low 16 bits. Fix this by limiting the size to 0xffff.
This commit is contained in:
parent
137028b4d7
commit
1c0ab5bd34
@ -1,3 +1,9 @@
|
||||
2009-07-16 Ulrich Drepper <drepper@redhat.com>
|
||||
|
||||
[BZ #10360]
|
||||
* resolv/res-mkquery.c (__res_nopt): If anslen is > 0xffff store
|
||||
0xffff in the EDNS0 record.
|
||||
|
||||
2009-07-16 Petr Baudis <pasky@suse.cz>
|
||||
|
||||
* nscd/mem.c (mempool_alloc): Fix unlock missing in the else branch.
|
||||
|
@ -244,7 +244,7 @@ __res_nopt(res_state statp,
|
||||
*cp++ = 0; /* "." */
|
||||
|
||||
NS_PUT16(T_OPT, cp); /* TYPE */
|
||||
NS_PUT16(anslen & 0xffff, cp); /* CLASS = UDP payload size */
|
||||
NS_PUT16(MIN(anslen, 0xffff), cp); /* CLASS = UDP payload size */
|
||||
*cp++ = NOERROR; /* extended RCODE */
|
||||
*cp++ = 0; /* EDNS version */
|
||||
/* XXX Once we support DNSSEC we change the flag value here. */
|
||||
|
Loading…
Reference in New Issue
Block a user