diff --git a/bin/tests/wire_test.c b/bin/tests/wire_test.c index 772382849e..21c960ebed 100644 --- a/bin/tests/wire_test.c +++ b/bin/tests/wire_test.c @@ -286,7 +286,7 @@ process_message(isc_buffer_t *source) { } if (dorender) { - unsigned char b2[64 * 1024]; + unsigned char b2[65535]; isc_buffer_t buffer; dns_compress_t cctx; diff --git a/lib/dns/include/dns/message.h b/lib/dns/include/dns/message.h index a4b4b3ffbe..dc0c05846f 100644 --- a/lib/dns/include/dns/message.h +++ b/lib/dns/include/dns/message.h @@ -600,7 +600,7 @@ dns_message_renderbegin(dns_message_t *msg, dns_compress_t *cctx, * *\li 'cctx' be valid. * - *\li 'buffer' is a valid buffer. + *\li 'buffer' is a valid buffer with length less than 65536. * * Side Effects: * diff --git a/lib/dns/message.c b/lib/dns/message.c index 2f352dc7e7..c85e579b02 100644 --- a/lib/dns/message.c +++ b/lib/dns/message.c @@ -1735,6 +1735,7 @@ dns_message_renderbegin(dns_message_t *msg, dns_compress_t *cctx, REQUIRE(DNS_MESSAGE_VALID(msg)); REQUIRE(buffer != NULL); + REQUIRE(isc_buffer_length(buffer) < 65536); REQUIRE(msg->buffer == NULL); REQUIRE(msg->from_to_wire == DNS_MESSAGE_INTENTRENDER); diff --git a/lib/ns/xfrout.c b/lib/ns/xfrout.c index d0686e1da2..0e09ddcc22 100644 --- a/lib/ns/xfrout.c +++ b/lib/ns/xfrout.c @@ -1258,7 +1258,7 @@ xfrout_ctx_create(isc_mem_t *mctx, ns_client_t *client, unsigned int id, * Note that although 65535-byte RRs are allowed in principle, they * cannot be zone-transferred (at least not if uncompressible), * because the message and RR headers would push the size of the - * TCP message over the 65536 byte limit. + * TCP message over the 65535 byte limit. */ mem = isc_mem_get(mctx, len); isc_buffer_init(&xfr->buf, mem, len); diff --git a/tests/libtest/ns.c b/tests/libtest/ns.c index 67be306d46..6f66b00a3c 100644 --- a/tests/libtest/ns.c +++ b/tests/libtest/ns.c @@ -250,7 +250,7 @@ attach_query_msg_to_client(ns_client_t *client, const char *qnamestr, dns_rdatatype_t qtype, unsigned int qflags) { dns_rdataset_t *qrdataset = NULL; dns_message_t *message = NULL; - unsigned char query[65536]; + unsigned char query[65535]; dns_name_t *qname = NULL; isc_buffer_t querybuf; dns_compress_t cctx;