4285. [security] Specific APL data could trigger a INSIST.

(CVE-2015-8704) [RT #41396]
This commit is contained in:
Mark Andrews
2015-12-31 13:43:21 +11:00
parent 7321d8df7b
commit 1b3d211802
3 changed files with 11 additions and 2 deletions

View File

@@ -116,7 +116,7 @@ totext_in_apl(ARGS_TOTEXT) {
isc_uint8_t len;
isc_boolean_t neg;
unsigned char buf[16];
char txt[sizeof(" !64000")];
char txt[sizeof(" !64000:")];
const char *sep = "";
int n;
@@ -140,7 +140,7 @@ totext_in_apl(ARGS_TOTEXT) {
isc_region_consume(&sr, 1);
INSIST(len <= sr.length);
n = snprintf(txt, sizeof(txt), "%s%s%u:", sep,
neg ? "!": "", afi);
neg ? "!" : "", afi);
INSIST(n < (int)sizeof(txt));
RETERR(str_totext(txt, target));
switch (afi) {