diff options
Diffstat (limited to 'lib/dns/message.c')
| -rw-r--r-- | lib/dns/message.c | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/lib/dns/message.c b/lib/dns/message.c index 901c6b6d991dd..d76eb4fb26c62 100644 --- a/lib/dns/message.c +++ b/lib/dns/message.c @@ -1377,6 +1377,16 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t *dctx, covers = 0; /* + * Check the ownername of NSEC3 records + */ + if (rdtype == dns_rdatatype_nsec3 && + !dns_rdata_checkowner(name, msg->rdclass, rdtype, + ISC_FALSE)) { + result = DNS_R_BADOWNERNAME; + goto cleanup; + } + + /* * If we are doing a dynamic update or this is a meta-type, * don't bother searching for a name, just append this one * to the end of the message. @@ -3196,7 +3206,8 @@ dns_message_pseudosectiontotext(dns_message_t *msg, dns_pseudosection_t section, const dns_master_style_t *style, dns_messagetextflag_t flags, - isc_buffer_t *target) { + isc_buffer_t *target) +{ dns_rdataset_t *ps = NULL; dns_name_t *name = NULL; isc_result_t result; @@ -3270,8 +3281,11 @@ dns_message_pseudosectiontotext(dns_message_t *msg, sprintf(buf, "%02x ", optdata[i]); ADD_STRING(target, buf); } + for (i = 0; i < optlen; i++) { ADD_STRING(target, " ("); + if (!isc_buffer_availablelength(target)) + return (ISC_R_NOSPACE); if (isprint(optdata[i])) isc_buffer_putmem(target, &optdata[i], |