chiark / gitweb /
dns-domain: enforce maximum DNS domain name length
[elogind.git] / src / resolve / resolved-dns-domain.c
index 94ffc0f..a41052d 100644 (file)
@@ -45,6 +45,9 @@ int dns_label_unescape(const char **name, char *dest, size_t sz) {
                 if (sz <= 0)
                         return -ENOSPC;
 
+                if (r >= DNS_LABEL_MAX)
+                        return -EINVAL;
+
                 if (*n == '\\') {
                         /* Escaped character */
 
@@ -114,6 +117,9 @@ int dns_label_escape(const char *p, size_t l, char **ret) {
         assert(p);
         assert(ret);
 
+        if (l > DNS_LABEL_MAX)
+                return -EINVAL;
+
         s = malloc(l * 4 + 1);
         if (!s)
                 return -ENOMEM;
@@ -197,6 +203,9 @@ int dns_name_normalize(const char *s, char **_ret) {
                 n += r;
         }
 
+        if (n > DNS_NAME_MAX)
+                return -EINVAL;
+
         if (!GREEDY_REALLOC(ret, allocated, n + 1))
                 return -ENOMEM;
 
@@ -334,11 +343,15 @@ int dns_name_reverse(int family, const union in_addr_union *a, char **ret) {
         if (family == AF_INET)
                 r = asprintf(ret, "%u.%u.%u.%u.in-addr.arpa", p[3], p[2], p[1], p[0]);
         else if (family == AF_INET6)
-                r = asprintf(ret, "%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.ip6.arpa",
-                             hexchar(p[15]), hexchar(p[14]), hexchar(p[13]), hexchar(p[12]),
-                             hexchar(p[11]), hexchar(p[10]), hexchar(p[ 9]), hexchar(p[ 8]),
-                             hexchar(p[ 7]), hexchar(p[ 6]), hexchar(p[ 5]), hexchar(p[ 4]),
-                             hexchar(p[ 3]), hexchar(p[ 2]), hexchar(p[ 1]), hexchar(p[ 0]));
+                r = asprintf(ret, "%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.ip6.arpa",
+                             hexchar(p[15] & 0xF), hexchar(p[15] >> 4), hexchar(p[14] & 0xF), hexchar(p[14] >> 4),
+                             hexchar(p[13] & 0xF), hexchar(p[13] >> 4), hexchar(p[12] & 0xF), hexchar(p[12] >> 4),
+                             hexchar(p[11] & 0xF), hexchar(p[11] >> 4), hexchar(p[10] & 0xF), hexchar(p[10] >> 4),
+                             hexchar(p[ 9] & 0xF), hexchar(p[ 9] >> 4), hexchar(p[ 8] & 0xF), hexchar(p[ 8] >> 4),
+                             hexchar(p[ 7] & 0xF), hexchar(p[ 7] >> 4), hexchar(p[ 6] & 0xF), hexchar(p[ 6] >> 4),
+                             hexchar(p[ 5] & 0xF), hexchar(p[ 5] >> 4), hexchar(p[ 4] & 0xF), hexchar(p[ 4] >> 4),
+                             hexchar(p[ 3] & 0xF), hexchar(p[ 3] >> 4), hexchar(p[ 2] & 0xF), hexchar(p[ 2] >> 4),
+                             hexchar(p[ 1] & 0xF), hexchar(p[ 1] >> 4), hexchar(p[ 0] & 0xF), hexchar(p[ 0] >> 4));
         else
                 return -EAFNOSUPPORT;
         if (r < 0)