Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Out-of-bounds read caused by improper validation of array index #19

Closed
fcambus opened this issue Jun 28, 2019 · 1 comment
Closed

Out-of-bounds read caused by improper validation of array index #19

fcambus opened this issue Jun 28, 2019 · 1 comment

Comments

@fcambus
Copy link

@fcambus fcambus commented Jun 28, 2019

Hi,

While fuzzing nsd-checkzone with American Fuzzy Lop, I found an out-of-bounds read caused by improper validation of array index, in the rdata_maximum_wireformat_size() function, in rdata.c L873.

Attaching a reproducer (gzipped so GitHub accepts it), issue can be reproduced by running:

nsd-checkzone all.rr zone01

zone01.gz

@wcawijngaards

This comment has been minimized.

Copy link
Member

@wcawijngaards wcawijngaards commented Jul 4, 2019

Thanks for the report! The type SIG was using the parse for type RRSIG, but the internal definition syntax used a different type DNAME conversion, this caused the mismatch and failure; a name allocated in one manner but later used in another manner.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
2 participants
You can’t perform that action at this time.