Fix panic on bad length for SVCB record (#1467)
This commit is contained in:
parent
e25bcf5c10
commit
bbc9d5e915
@ -24,6 +24,12 @@ All notes should be prepended with the location of the change, e.g. `(proto)` or
|
||||
|
||||
- (proto) Panic when name exceeds maximal domain name length during display #1447
|
||||
|
||||
## 0.20.2
|
||||
|
||||
### Fixed
|
||||
|
||||
- (proto) Panic on bad length in SVCB for record length #1465
|
||||
|
||||
## 0.20.1
|
||||
|
||||
### Added
|
||||
|
@ -1032,7 +1032,11 @@ pub fn read(decoder: &mut BinDecoder<'_>, rdata_length: Restrict<u16>) -> ProtoR
|
||||
let svc_priority = decoder.read_u16()?.unverified(/*any u16 is valid*/);
|
||||
let target_name = Name::read(decoder)?;
|
||||
|
||||
let mut remainder_len = rdata_length.map(|len| len as usize - (decoder.index() - start_index)).unverified(/*valid len*/);
|
||||
let mut remainder_len = rdata_length
|
||||
.map(|len| len as usize)
|
||||
.checked_sub(decoder.index() - start_index)
|
||||
.map_err(|len| format!("Bad length for RDATA of SVCB: {}", len))?
|
||||
.unverified(); // valid len
|
||||
let mut svc_params: Vec<(SvcParamKey, SvcParamValue)> = Vec::new();
|
||||
|
||||
// must have at least 4 bytes left for the key and the length
|
||||
@ -1053,7 +1057,11 @@ pub fn read(decoder: &mut BinDecoder<'_>, rdata_length: Restrict<u16>) -> ProtoR
|
||||
}
|
||||
|
||||
svc_params.push((key, value));
|
||||
remainder_len = rdata_length.map(|len| len as usize - (decoder.index() - start_index)).unverified(/*valid len*/);
|
||||
remainder_len = rdata_length
|
||||
.map(|len| len as usize)
|
||||
.checked_sub(decoder.index() - start_index)
|
||||
.map_err(|len| format!("Bad length for RDATA of SVCB: {}", len))?
|
||||
.unverified(); // valid len
|
||||
}
|
||||
|
||||
Ok(SVCB {
|
||||
@ -1211,4 +1219,13 @@ mod tests {
|
||||
],
|
||||
));
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_no_panic() {
|
||||
const BUF: &[u8] = &[
|
||||
255, 121, 0, 0, 0, 0, 40, 255, 255, 160, 160, 0, 0, 0, 64, 0, 1, 255, 158, 0, 0, 0, 8,
|
||||
0, 0, 7, 7, 0, 0, 0, 0, 0, 0, 0,
|
||||
];
|
||||
assert!(crate::op::Message::from_vec(&BUF).is_err());
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user