From 76f468c8ea568fce98fa75d7f1d540256eb0940a Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 17 Jul 2014 01:10:47 +0200
Subject: [PATCH] dns-domain: enforce maximum DNS domain name length

---
 src/resolve/resolved-dns-domain.c | 3 +++
 src/resolve/resolved-dns-domain.h | 1 +
 2 files changed, 4 insertions(+)

diff --git a/src/resolve/resolved-dns-domain.c b/src/resolve/resolved-dns-domain.c
index 27739c1e5..a41052dde 100644
--- a/src/resolve/resolved-dns-domain.c
+++ b/src/resolve/resolved-dns-domain.c
@@ -203,6 +203,9 @@ int dns_name_normalize(const char *s, char **_ret) {
                 n += r;
         }
 
+        if (n > DNS_NAME_MAX)
+                return -EINVAL;
+
         if (!GREEDY_REALLOC(ret, allocated, n + 1))
                 return -ENOMEM;
 
diff --git a/src/resolve/resolved-dns-domain.h b/src/resolve/resolved-dns-domain.h
index d6b4bdd08..809c4daac 100644
--- a/src/resolve/resolved-dns-domain.h
+++ b/src/resolve/resolved-dns-domain.h
@@ -25,6 +25,7 @@
 #include "in-addr-util.h"
 
 #define DNS_LABEL_MAX 63
+#define DNS_NAME_MAX 255
 
 int dns_label_unescape(const char **name, char *dest, size_t sz);
 int dns_label_escape(const char *p, size_t l, char **ret);
-- 
2.30.2