colin/hickory-dns
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

proto/rr: do not deserialize ClientSubnets with invalid prefixes

Browse Source 
When serializing a ClientSubnet, if the source prefix is larger than
the address itself, we return an error. However, when deserializing
the same type we will happily take an invalid prefix. Fix this
consistency issue by rejecting invalid prefixes during
deserialization.
This commit is contained in:
Carlos López 2023-10-11 19:03:16 +02:00 committed by Dirkjan Ochtman
parent 45bd92f4ac
commit c9cc5c9dd0
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
crates/proto/src/rr/rdata/opt.rs
View File

@ -678,6 +678,9 @@ impl<'a> BinDecodable<'a> for ClientSubnet {
let addr_len =
(source_prefix / 8 + if source_prefix % 8 > 0 { 1 } else { 0 }) as usize;
let mut octets = Ipv4Addr::UNSPECIFIED.octets();
if addr_len > octets.len() {
return Err(ProtoErrorKind::Message("Invalid address length").into());
}
for octet in octets.iter_mut().take(addr_len) {
*octet = decoder.read_u8()?.unverified();
}
@ -694,6 +697,9 @@ impl<'a> BinDecodable<'a> for ClientSubnet {
let addr_len =
(source_prefix / 8 + if source_prefix % 8 > 0 { 1 } else { 0 }) as usize;
let mut octets = Ipv6Addr::UNSPECIFIED.octets();
if addr_len > octets.len() {
return Err(ProtoErrorKind::Message("Invalid address length").into());
}
for octet in octets.iter_mut().take(addr_len) {
*octet = decoder.read_u8()?.unverified();
}