ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity

3621. [security] Incorrect bounds checking on private type 'keydata'

Browse Source 
can lead to a remotely triggerable REQUIRE failure
                        (CVE-2013-4854). [RT #34238]
This commit is contained in:
Mark Andrews
2013-07-17 08:03:50 +10:00
parent 353c60daeb
commit fdb4ae8f6c
2 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGES
View File

@@ -1,3 +1,7 @@
3621. [security] Incorrect bounds checking on private type 'keydata'
can lead to a remotely triggerable REQUIRE failure
(CVE-2013-4854). [RT #34238]
3620. [func] Added "rpz-client-ip" policy triggers, enabling
RPZ responses to be configured on the basis of
the client IP address; this can be used, for

2
lib/dns/rdata/generic/keydata_65533.c
View File

@@ -194,7 +194,7 @@ fromwire_keydata(ARGS_FROMWIRE) {
UNUSED(options);
isc_buffer_activeregion(source, &sr);
if (sr.length < 4)
if (sr.length < 16)
return (ISC_R_UNEXPECTEDEND);
isc_buffer_forward(source, sr.length);