[前][次][番号順一覧][スレッド一覧]

ruby-changes:40427

From: akr <ko1@a...>
Date: Tue, 10 Nov 2015 00:37:15 +0900 (JST)
Subject: [ruby-changes:40427] akr:r52508 (trunk): * lib/resolv.rb (Resolv::DNS::Message::MessageEncoder#put_labels):

akr	2015-11-10 00:37:04 +0900 (Tue, 10 Nov 2015)

  New Revision: 52508

  http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=52508

  Log:
    * lib/resolv.rb (Resolv::DNS::Message::MessageEncoder#put_labels):
      Prevent overflow of pointer to labels.
      Patch by Hannes Georg.  [ruby-core:71248] [Bug #11632]

  Modified files:
    trunk/ChangeLog
    trunk/lib/resolv.rb
    trunk/test/resolv/test_dns.rb
Index: ChangeLog
===================================================================
--- ChangeLog	(revision 52507)
+++ ChangeLog	(revision 52508)
@@ -1,3 +1,9 @@ https://github.com/ruby/ruby/blob/trunk/ChangeLog#L1
+Tue Nov 10 00:36:46 2015  Tanaka Akira  <akr@f...>
+
+	* lib/resolv.rb (Resolv::DNS::Message::MessageEncoder#put_labels):
+	  Prevent overflow of pointer to labels.
+	  Patch by Hannes Georg.  [ruby-core:71248] [Bug #11632]
+
 Tue Nov 10 00:25:41 2015  Kazuki Tsujimoto  <kazuki@c...>
 
 	* gems/bundled_gems: update to power_assert 0.2.6.
Index: lib/resolv.rb
===================================================================
--- lib/resolv.rb	(revision 52507)
+++ lib/resolv.rb	(revision 52508)
@@ -1477,7 +1477,9 @@ class Resolv https://github.com/ruby/ruby/blob/trunk/lib/resolv.rb#L1477
               self.put_pack("n", 0xc000 | idx)
               return
             else
-              @names[domain] = @data.length
+              if @data.length < 0x4000
+                @names[domain] = @data.length
+              end
               self.put_label(d[i])
             end
           }
Index: test/resolv/test_dns.rb
===================================================================
--- test/resolv/test_dns.rb	(revision 52507)
+++ test/resolv/test_dns.rb	(revision 52508)
@@ -197,4 +197,21 @@ class TestResolvDNS < Test::Unit::TestCa https://github.com/ruby/ruby/blob/trunk/test/resolv/test_dns.rb#L197
     expected = (['0'] * 32 + ['ip6', 'arpa']).map {|label| Resolv::DNS::Label::Str.new(label) }
     assert_equal(expected, labels)
   end
+
+  def test_too_big_label_address
+    n = 2000
+    m = Resolv::DNS::Message::MessageEncoder.new {|msg|
+      2.times {
+        n.times {|i| msg.put_labels(["foo#{i}"]) }
+      }
+    }
+    Resolv::DNS::Message::MessageDecoder.new(m.to_s) {|msg|
+      2.times {
+        n.times {|i|
+          assert_equal(["foo#{i}"], msg.get_labels.map {|label| label.to_s })
+        }
+      }
+    }
+    assert_operator(2**14, :<, m.to_s.length)
+  end
 end

--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/

[前][次][番号順一覧][スレッド一覧]