diff options
author | Lennart Poettering <lennart@poettering.net> | 2015-11-29 14:27:28 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2015-11-30 19:42:35 +0100 |
commit | 1dfbf0007af3023c2e3ae8282a0d0f229f3a89e3 (patch) | |
tree | c50e23e955b9d7151fb0f4f55c833daf8e7eff01 /src/shared | |
parent | 3b37fa735224e58fcc23c737b764d13e22c2885b (diff) |
dns-domain: don't accept overly long hostnames
Make sure dns_name_normalize(), dns_name_concat(), dns_name_is_valid()
do not accept/generate invalidly long hostnames, i.e. longer than 253
characters.
Diffstat (limited to 'src/shared')
-rw-r--r-- | src/shared/dns-domain.c | 3 | ||||
-rw-r--r-- | src/shared/dns-domain.h | 3 |
2 files changed, 6 insertions, 0 deletions
diff --git a/src/shared/dns-domain.c b/src/shared/dns-domain.c index 7a4093cc47..ab61eb3b6e 100644 --- a/src/shared/dns-domain.c +++ b/src/shared/dns-domain.c @@ -442,6 +442,9 @@ int dns_name_concat(const char *a, const char *b, char **_ret) { n += r; } + if (n > DNS_HOSTNAME_MAX) + return -EINVAL; + if (_ret) { if (!GREEDY_REALLOC(ret, allocated, n + 1)) return -ENOMEM; diff --git a/src/shared/dns-domain.h b/src/shared/dns-domain.h index c68f1945e1..44a9975541 100644 --- a/src/shared/dns-domain.h +++ b/src/shared/dns-domain.h @@ -31,6 +31,9 @@ /* Worst case length of a single label, with all escaping applied and room for a trailing NUL byte. */ #define DNS_LABEL_ESCAPED_MAX (DNS_LABEL_MAX*4+1) +/* Maximum length of a full hostname, consisting of a series of unescaped labels, and no trailing dot or NUL byte */ +#define DNS_HOSTNAME_MAX 253 + int dns_label_unescape(const char **name, char *dest, size_t sz); int dns_label_unescape_suffix(const char *name, const char **label_end, char *dest, size_t sz); int dns_label_escape(const char *p, size_t l, char *dest, size_t sz); |