diff options
Diffstat (limited to 'main/unbound/CVE-2019-16866.patch')
-rw-r--r-- | main/unbound/CVE-2019-16866.patch | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/main/unbound/CVE-2019-16866.patch b/main/unbound/CVE-2019-16866.patch new file mode 100644 index 00000000000..63ebf610057 --- /dev/null +++ b/main/unbound/CVE-2019-16866.patch @@ -0,0 +1,26 @@ +diff --git a/util/data/msgparse.c b/util/data/msgparse.c +index 13cad8a..fb31237 100644 +--- a/util/data/msgparse.c ++++ b/util/data/msgparse.c +@@ -1061,18 +1061,18 @@ parse_edns_from_pkt(sldns_buffer* pkt, struct edns_data* edns, + size_t rdata_len; + uint8_t* rdata_ptr; + log_assert(LDNS_QDCOUNT(sldns_buffer_begin(pkt)) == 1); ++ memset(edns, 0, sizeof(*edns)); + if(LDNS_ANCOUNT(sldns_buffer_begin(pkt)) != 0 || + LDNS_NSCOUNT(sldns_buffer_begin(pkt)) != 0) { + if(!skip_pkt_rrs(pkt, ((int)LDNS_ANCOUNT(sldns_buffer_begin(pkt)))+ + ((int)LDNS_NSCOUNT(sldns_buffer_begin(pkt))))) +- return 0; ++ return LDNS_RCODE_FORMERR; + } + /* check edns section is present */ + if(LDNS_ARCOUNT(sldns_buffer_begin(pkt)) > 1) { + return LDNS_RCODE_FORMERR; + } + if(LDNS_ARCOUNT(sldns_buffer_begin(pkt)) == 0) { +- memset(edns, 0, sizeof(*edns)); + edns->udp_size = 512; + return 0; + } + |