blob: 7f28e4496a4178eedee3079eae9b90093c21b67c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
Upstream-Status: Backport
https://bugzilla.redhat.com/attachment.cgi?id=1115781
CVE: CVE-2015-8704
Signed-off-by: Armin Kuster <akuster@mvista.com>
Index: bind-9.9.5/lib/dns/rdata/in_1/apl_42.c
===================================================================
--- bind-9.9.5.orig/lib/dns/rdata/in_1/apl_42.c
+++ bind-9.9.5/lib/dns/rdata/in_1/apl_42.c
@@ -116,7 +116,7 @@ totext_in_apl(ARGS_TOTEXT) {
isc_uint8_t len;
isc_boolean_t neg;
unsigned char buf[16];
- char txt[sizeof(" !64000")];
+ char txt[sizeof(" !64000:")];
const char *sep = "";
int n;
@@ -140,7 +140,7 @@ totext_in_apl(ARGS_TOTEXT) {
isc_region_consume(&sr, 1);
INSIST(len <= sr.length);
n = snprintf(txt, sizeof(txt), "%s%s%u:", sep,
- neg ? "!": "", afi);
+ neg ? "!" : "", afi);
INSIST(n < (int)sizeof(txt));
RETERR(str_totext(txt, target));
switch (afi) {
|