From eedd1bf03351c8bd012552b0a0e7297ef33cb910 Mon Sep 17 00:00:00 2001 From: Jukka Rissanen Date: Tue, 26 Nov 2024 16:40:28 +0200 Subject: [PATCH] net: dns: Validate source buffer length properly Make sure that when copying the qname, the source buffer is large enough for the data. Signed-off-by: Jukka Rissanen --- subsys/net/lib/dns/dns_pack.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/subsys/net/lib/dns/dns_pack.c b/subsys/net/lib/dns/dns_pack.c index c5794510ef9d..846078077d11 100644 --- a/subsys/net/lib/dns/dns_pack.c +++ b/subsys/net/lib/dns/dns_pack.c @@ -394,7 +394,7 @@ int dns_copy_qname(uint8_t *buf, uint16_t *len, uint16_t size, /* validate that the label (i.e. size + elements), * fits the current msg buffer */ - if (DNS_LABEL_LEN_SIZE + lb_size > size - *len) { + if (DNS_LABEL_LEN_SIZE + lb_size > MIN(size - *len, msg_size - pos)) { rc = -ENOMEM; break; }