upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-02-25 02:42:33 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

3621. [security] Incorrect bounds checking on private type 'keydata'

Browse source 
can lead to a remotely triggerable REQUIRE failure
                        (CVE-2013-4854). [RT #34238]
This commit is contained in:
Mark Andrews 2013-07-17 08:03:50 +10:00
parent 353c60daeb
commit fdb4ae8f6c
2 changed files with 5 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
CHANGES
View file

@ -1,3 +1,7 @@
3621. [security] Incorrect bounds checking on private type 'keydata'
can lead to a remotely triggerable REQUIRE failure
(CVE-2013-4854). [RT #34238]
3620. [func] Added "rpz-client-ip" policy triggers, enabling
RPZ responses to be configured on the basis of
the client IP address; this can be used, for

2
lib/dns/rdata/generic/keydata_65533.c
View file

@ -194,7 +194,7 @@ fromwire_keydata(ARGS_FROMWIRE) {
UNUSED(options);
isc_buffer_activeregion(source, &sr);
if (sr.length < 4)
if (sr.length < 16)
return (ISC_R_UNEXPECTEDEND);
isc_buffer_forward(source, sr.length);