dns.c: improve input validation
authorKevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Sun, 12 Apr 2020 16:53:05 +0000 (17:53 +0100)
committerKevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Sun, 19 Apr 2020 20:49:08 +0000 (21:49 +0100)
commite74a3f9883199e9db7220d52b78e5fbdb4441ca3
tree1310341d1f62aaa73e3f27642e5e6195c38e302c
parentab7a39a5b5a0ff74601dd4e82145ca554c1e2ac6
dns.c: improve input validation

dns.c scan_name() add more input validation
parse_answer() add remaining length check
dns_handle_packet() add remaining length check

Addresses CVE-2020-11750

Thanks to Guido Vranken <guido@guidovranken.com> for the report who
requested credit be given to 'ForAllSecure Mayhem'.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
dns.c