From 1c0ab5bd34159d2ae53390571113844ebadc161b Mon Sep 17 00:00:00 2001 From: Ulrich Drepper Date: Thu, 16 Jul 2009 23:37:50 -0700 Subject: Handle overly large answer buffers in resolver. In EDNS0 records the maximum result size is transmitted in a 16 bit value. Large buffer sizes were handled incorrectly by using only the low 16 bits. Fix this by limiting the size to 0xffff. --- resolv/res_mkquery.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'resolv') diff --git a/resolv/res_mkquery.c b/resolv/res_mkquery.c index ae0cdb417e..2dda4c0f45 100644 --- a/resolv/res_mkquery.c +++ b/resolv/res_mkquery.c @@ -244,7 +244,7 @@ __res_nopt(res_state statp, *cp++ = 0; /* "." */ NS_PUT16(T_OPT, cp); /* TYPE */ - NS_PUT16(anslen & 0xffff, cp); /* CLASS = UDP payload size */ + NS_PUT16(MIN(anslen, 0xffff), cp); /* CLASS = UDP payload size */ *cp++ = NOERROR; /* extended RCODE */ *cp++ = 0; /* EDNS version */ /* XXX Once we support DNSSEC we change the flag value here. */ -- cgit v1.2.3