aboutsummaryrefslogtreecommitdiffstats
path: root/main/unbound/CVE-2019-16866.patch
diff options
context:
space:
mode:
Diffstat (limited to 'main/unbound/CVE-2019-16866.patch')
-rw-r--r--main/unbound/CVE-2019-16866.patch26
1 files changed, 26 insertions, 0 deletions
diff --git a/main/unbound/CVE-2019-16866.patch b/main/unbound/CVE-2019-16866.patch
new file mode 100644
index 0000000000..63ebf61005
--- /dev/null
+++ b/main/unbound/CVE-2019-16866.patch
@@ -0,0 +1,26 @@
+diff --git a/util/data/msgparse.c b/util/data/msgparse.c
+index 13cad8a..fb31237 100644
+--- a/util/data/msgparse.c
++++ b/util/data/msgparse.c
+@@ -1061,18 +1061,18 @@ parse_edns_from_pkt(sldns_buffer* pkt, struct edns_data* edns,
+ size_t rdata_len;
+ uint8_t* rdata_ptr;
+ log_assert(LDNS_QDCOUNT(sldns_buffer_begin(pkt)) == 1);
++ memset(edns, 0, sizeof(*edns));
+ if(LDNS_ANCOUNT(sldns_buffer_begin(pkt)) != 0 ||
+ LDNS_NSCOUNT(sldns_buffer_begin(pkt)) != 0) {
+ if(!skip_pkt_rrs(pkt, ((int)LDNS_ANCOUNT(sldns_buffer_begin(pkt)))+
+ ((int)LDNS_NSCOUNT(sldns_buffer_begin(pkt)))))
+- return 0;
++ return LDNS_RCODE_FORMERR;
+ }
+ /* check edns section is present */
+ if(LDNS_ARCOUNT(sldns_buffer_begin(pkt)) > 1) {
+ return LDNS_RCODE_FORMERR;
+ }
+ if(LDNS_ARCOUNT(sldns_buffer_begin(pkt)) == 0) {
+- memset(edns, 0, sizeof(*edns));
+ edns->udp_size = 512;
+ return 0;
+ }
+