[PATCH] netmgr: avoid out-of-bounds read from sign-extended char in DoH base64url decoder
Ismail Ramzi
ismail at bugqore.com
Fri Jul 3 04:46:29 UTC 2026
> Note that it's not possible to reach this code with a DoH dns parameter
> value containing any character greater than 0x7F at present, as the
> parser used to extract the value before calling this code is extremely
> strict and will reject the query. There is no other use of this code as
> of this writing.
Thanks, that matches what I found tracing the callers - I couldn't get a
high-bit byte through the front-end parser either, so I agree this isn't
reachable today and the practical impact is nil. I sent it as hardening
of the decoder itself so it stays safe if it's ever called from a less
strict path.
> While the signed issue here should be fixed in my personal opinion, this
> issue is purely theoretical at this point.
Agreed on both counts.
> In any case, the bind-users is a wrong place to report bugs like this. I
> would ask the OP to report this as an issue in our GitLab [...]
Understood, sorry for the noise here. I'll open a GitLab issue with the
details and the patch so it doesn't get lost, and drop the theoretical/
not-currently-reachable context in there too.
Ismail
More information about the bind-users
mailing list