[svn] commit: r1084 - /trunk/src/lib/dns/cpp/rdata/generic/rrsig_46.cc
BIND 10 source code commits
bind10-changes at lists.isc.org
Tue Mar 2 23:54:11 UTC 2010
Author: jinmei
Date: Tue Mar 2 23:54:10 2010
New Revision: 1084
Log:
tightened the data length check for the from-wire constructor.
Modified:
trunk/src/lib/dns/cpp/rdata/generic/rrsig_46.cc
Modified: trunk/src/lib/dns/cpp/rdata/generic/rrsig_46.cc
==============================================================================
--- trunk/src/lib/dns/cpp/rdata/generic/rrsig_46.cc (original)
+++ trunk/src/lib/dns/cpp/rdata/generic/rrsig_46.cc Tue Mar 2 23:54:10 2010
@@ -122,10 +122,11 @@
uint16_t tag = buffer.readUint16();
Name signer(buffer);
+ // rdata_len must be sufficiently large to hold non empty signature data.
+ if (rdata_len <= buffer.getPosition() - pos) {
+ dns_throw(InvalidRdataLength, "RRSIG too short");
+ }
rdata_len -= (buffer.getPosition() - pos);
- if (rdata_len == 0) {
- dns_throw(InvalidRdataLength, "RRSIG too short");
- }
vector<uint8_t> signature;
for (int i = 0; i < rdata_len; i++) {
More information about the bind10-changes
mailing list