projects / exim.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Change host_lookup re-forward from byname to bydns; checking DNSSEC
[exim.git] / src / src / dns.c
diff --git a/src/src/dns.c b/src/src/dns.c
index 51029d4a557e6899b84b8e06521f07001cfbe2c1..ad98a9d4e420003bf003f64c204bac1356b70ade 100644 (file)
--- a/src/src/dns.c
+++ b/src/src/dns.c
@@ -1086,31 +1086,36 @@ Argument:
   dnsa       the DNS answer block
   rr         the RR
 
-Returns:     pointer to a chain of dns_address items
+Returns:     pointer to a chain of dns_address items; NULL when the dnsa was overrun
 */
 
 dns_address *
 dns_address_from_rr(dns_answer *dnsa, dns_record *rr)
 {
-dns_address *yield = NULL;
-
-dnsa = dnsa;    /* Stop picky compilers warning */
+dns_address * yield = NULL;
+uschar * dnsa_lim = dnsa->answer + dnsa->answerlen;
 
 if (rr->type == T_A)
   {
   uschar *p = US rr->data;
-  yield = store_get(sizeof(dns_address) + 20);
-  (void)sprintf(CS yield->address, "%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
-  yield->next = NULL;
+  if (p + 4 <= dnsa_lim)
+    {
+    yield = store_get(sizeof(dns_address) + 20);
+    (void)sprintf(CS yield->address, "%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
+    yield->next = NULL;
+    }
   }
 
 #if HAVE_IPV6
 
 else
   {
-  yield = store_get(sizeof(dns_address) + 50);
-  inet_ntop(AF_INET6, US rr->data, CS yield->address, 50);
-  yield->next = NULL;
+  if (rr->data + 16 <= dnsa_lim)
+    {
+    yield = store_get(sizeof(dns_address) + 50);
+    inet_ntop(AF_INET6, US rr->data, CS yield->address, 50);
+    yield->next = NULL;
+    }
   }
 #endif  /* HAVE_IPV6 */
 
Unnamed repository; edit this file 'description' to name the repository.