Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

dnsdist: Fix signedness issue in isEDNSOptionInOpt() #8158



Copy link

@rgacogne rgacogne commented Aug 5, 2019

Short description

Interpreting the value as signed could result in a large value being considered negative. After the addition it would be stored into an unsigned value and thus become positive again, but the result of the addition would be wrong.
This means that we could fail to locate some EDNS options whose codes are too large and, while it's extremely unlikely to happen, we could get only a partial content for some very large options.

Reported by Brian Sullivan on the mailing-list 1.


I have:

  • read the document
  • compiled this code
  • tested this code
  • included documentation (including possible behaviour changes)
  • documented the code
  • added or modified regression test(s)
  • added or modified unit test(s)

@rgacogne rgacogne added this to the dnsdist-1.4.0 milestone Aug 5, 2019
@rgacogne rgacogne merged commit bf599d8 into PowerDNS:master Aug 5, 2019
@rgacogne rgacogne deleted the dnsdist-is-edns-option-in-signedness branch August 5, 2019 15:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet

Successfully merging this pull request may close these issues.

None yet

1 participant