Security fix, CVE-2017-14491 DNS heap buffer overflow.

Fix heap overflow in DNS code. This is a potentially serious
security hole. It allows an attacker who can make DNS
requests to dnsmasq, and who controls the contents of
a domain, which is thereby queried, to overflow
(by 2 bytes) a heap buffer and either crash, or
even take control of, dnsmasq.
Simon Kelley
2017-09-25 18:17:11 +01:00
parent b697fbb7f1
commit 0549c73b7e
8 changed files with 66 additions and 17 deletions

@@ -240,15 +240,20 @@ char *canonicalise(char *in, int *nomem)
return ret;
}
unsigned char *do_rfc1035_name(unsigned char *p, char *sval)
unsigned char *do_rfc1035_name(unsigned char *p, char *sval, char *limit)
{
int j;
while (sval && *sval)
{
if (limit && p + 1 > (unsigned char*)limit)
return p;
unsigned char *cp = p++;
for (j = 0; *sval && (*sval != '.'); sval++, j++)
{
if (limit && p + 1 > (unsigned char*)limit)
return p;
#ifdef HAVE_DNSSEC
if (option_bool(OPT_DNSSEC_VALID) && *sval == NAME_ESCAPE)
*p++ = (*(++sval))-1;
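Review bot: The two new `limit` checks (ahead of `cp = p++` and inside the `for` loop) both `return p`, which looks the same to the caller as a successful return, so a truncated name cannot be told apart from a complete one. The return inside the loop also exits after the length byte at `cp` has been reserved, leaving a partial label in the buffer. Consider returning NULL or another distinct failure value when the limit is hit, and have callers check for it. Two smaller points: the first check now sits before the declaration `unsigned char *cp = p++;`, mixing a statement ahead of a declaration, and declaring `limit` as `unsigned char *` would remove the cast in both comparisons. A comment on the function should also say that a NULL `limit` disables the bounds check and whether `limit` points at the last writable byte or one past it.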