Protect against malicious DNS replies with very large RRsets.

bb201c21 · Simon Kelley · 12fae49f · bb201c21
Commit bb201c21 authored Feb 06, 2014 by Simon Kelley
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 0 deletions

src/dnssec.c src/dnssec.c +5 -0

No files found.
--- a/src/dnssec.c
+++ b/src/dnssec.c
@@ -531,6 +531,11 @@ static int validate_rrset(time_t now, struct dns_header *header, size_t plen, in
 		{
 		  unsigned char **new;
+		  /* Protect against insane/maliciuos queries which bloat the workspace
+		     and eat CPU in the sort */
+		  if (rrsetidx >= 100)
+		    return STAT_INSECURE; 
 		  /* expand */
 		  if (!(new = whine_malloc((rrset_sz + 5) * sizeof(unsigned char **))))
 		    return STAT_INSECURE;