hesiod: Avoid heap overflow in get_txt_records [BZ #20031]

2025-08-08 17:42:12 +03:00 · 2016-05-02 16:04:32 +02:00
parent 5018f16c62
commit 8a03ccbb77
2 changed files with 7 additions and 1 deletions
--- a/hesiod/hesiod.c
+++ b/hesiod/hesiod.c
@@ -398,7 +398,7 @@ get_txt_records(struct hesiod_p *ctx, int class, const char *name) {
 		cp += INT16SZ + INT32SZ;	/* skip the ttl, too */
 		rr.dlen = ns_get16(cp);
 		cp += INT16SZ;
-		if (cp + rr.dlen > eom) {
+		if (rr.dlen == 0 || cp + rr.dlen > eom) {
 			__set_errno(EMSGSIZE);
 			goto cleanup;
 		}