* lib/resolv.rb (Resolv::DNS::Message::MessageEncoder#put_labels):

Prevent overflow of pointer to labels.
  Patch by Hannes Georg.  [ruby-core:71248] [Bug #11632]



git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52508 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
akr 2015-11-09 15:37:04 +00:00
Родитель a3e4d6a56e
Коммит 60055f8dfd
3 изменённых файлов: 26 добавлений и 1 удалений

Просмотреть файл

@ -1,3 +1,9 @@
Tue Nov 10 00:36:46 2015 Tanaka Akira <akr@fsij.org>
* lib/resolv.rb (Resolv::DNS::Message::MessageEncoder#put_labels):
Prevent overflow of pointer to labels.
Patch by Hannes Georg. [ruby-core:71248] [Bug #11632]
Tue Nov 10 00:25:41 2015 Kazuki Tsujimoto <kazuki@callcc.net> Tue Nov 10 00:25:41 2015 Kazuki Tsujimoto <kazuki@callcc.net>
* gems/bundled_gems: update to power_assert 0.2.6. * gems/bundled_gems: update to power_assert 0.2.6.

Просмотреть файл

@ -1477,7 +1477,9 @@ class Resolv
self.put_pack("n", 0xc000 | idx) self.put_pack("n", 0xc000 | idx)
return return
else else
@names[domain] = @data.length if @data.length < 0x4000
@names[domain] = @data.length
end
self.put_label(d[i]) self.put_label(d[i])
end end
} }

Просмотреть файл

@ -197,4 +197,21 @@ class TestResolvDNS < Test::Unit::TestCase
expected = (['0'] * 32 + ['ip6', 'arpa']).map {|label| Resolv::DNS::Label::Str.new(label) } expected = (['0'] * 32 + ['ip6', 'arpa']).map {|label| Resolv::DNS::Label::Str.new(label) }
assert_equal(expected, labels) assert_equal(expected, labels)
end end
def test_too_big_label_address
n = 2000
m = Resolv::DNS::Message::MessageEncoder.new {|msg|
2.times {
n.times {|i| msg.put_labels(["foo#{i}"]) }
}
}
Resolv::DNS::Message::MessageDecoder.new(m.to_s) {|msg|
2.times {
n.times {|i|
assert_equal(["foo#{i}"], msg.get_labels.map {|label| label.to_s })
}
}
}
assert_operator(2**14, :<, m.to_s.length)
end
end end