File bsc_1195058.patch of Package ldns.22721

commit 136ec420437041fe13f344a2053e774f9050cc38
Author: W.C.A. Wijngaards <wouter@nlnetlabs.nl>
Date:   Thu Sep 26 09:27:29 2019 +0200

    * bugfix #51: Heap Out-of-bound Read vulnerability in
      ldns_nsec3_salt_data reported by pokerfacett.

Index: ldns-1.7.0/dnssec.c
===================================================================
--- ldns-1.7.0.orig/dnssec.c
+++ ldns-1.7.0/dnssec.c
@@ -1327,6 +1327,8 @@ ldns_nsec3_salt_data(const ldns_rr *nsec
 	ldns_rdf *salt_rdf = ldns_nsec3_salt(nsec3_rr);
 	if (salt_rdf && ldns_rdf_size(salt_rdf) > 0) {
 	    	salt_length = ldns_rdf_data(salt_rdf)[0];
+		if((size_t)salt_length+1 > ldns_rdf_size(salt_rdf))
+			return NULL;
 		salt = LDNS_XMALLOC(uint8_t, salt_length);
                 if(!salt) return NULL;
 		memcpy(salt, &ldns_rdf_data(salt_rdf)[1], salt_length);

Places

File bsc_1195058.patch of Package ldns.22721

Places