From 20011324500a728851e4888c890a756ecf71394b Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 27 Oct 2005 14:30:46 +0000
Subject: Add validity checking to TXT data parsing, this fixes a remotely
 exploitable vulnerability.

git-svn-id: file:///home/lennart/svn/public/avahi/trunk@888 941a03a8-eaeb-0310-b9a0-b1bbd8fe43fe
---
 avahi-core/dns.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'avahi-core')

diff --git a/avahi-core/dns.c b/avahi-core/dns.c
index 63ea8a0..d237d55 100644
--- a/avahi-core/dns.c
+++ b/avahi-core/dns.c
@@ -544,7 +544,8 @@ static int parse_rdata(AvahiDnsPacket *p, AvahiRecord *r, uint16_t rdlength) {
         case AVAHI_DNS_TYPE_TXT:
 
             if (rdlength > 0) {
-                r->data.txt.string_list = avahi_string_list_parse(avahi_dns_packet_get_rptr(p), rdlength);
+                if (avahi_string_list_parse(avahi_dns_packet_get_rptr(p), rdlength, &r->data.txt.string_list) < 0)
+                    return -1;
                 
                 if (avahi_dns_packet_skip(p, rdlength) < 0)
                     return -1;
-- 
cgit