* lib/resolv.rb (Resolv::DNS::Message::MessageEncoder#put_labels):

Prevent overflow of pointer to labels. Patch by Hannes Georg. [ruby-core:71248] [Bug #11632] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52508 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
author: akr <akr@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2015-11-09 15:37:04 +0000
committer: akr <akr@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2015-11-09 15:37:04 +0000
commit: fb40481030e52602cba45374400dc2bd1288ff7a (patch)
tree: f2e712e59a5123f54b0871dd1808883dc3c298ae
parent: cdb68f419e41a7142215e8c8ac64d6f68ae0de88 (diff)
download: ruby-fb40481030e52602cba45374400dc2bd1288ff7a.tar.gz
3 files changed, 26 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog
index 02a1bfe5ae..20c5a6cd52 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+Tue Nov 10 00:36:46 2015  Tanaka Akira  <akr@fsij.org>
+
+	* lib/resolv.rb (Resolv::DNS::Message::MessageEncoder#put_labels):
+	  Prevent overflow of pointer to labels.
+	  Patch by Hannes Georg.  [ruby-core:71248] [Bug #11632]
+
 Tue Nov 10 00:25:41 2015  Kazuki Tsujimoto  <kazuki@callcc.net>
 
 	* gems/bundled_gems: update to power_assert 0.2.6.
diff --git a/lib/resolv.rb b/lib/resolv.rb
index a5eb9fe55f..17c832037f 100644
--- a/lib/resolv.rb
+++ b/lib/resolv.rb
@@ -1477,7 +1477,9 @@ class Resolv
               self.put_pack("n", 0xc000 | idx)
               return
             else
-              @names[domain] = @data.length
+              if @data.length < 0x4000
+                @names[domain] = @data.length
+              end
               self.put_label(d[i])
             end
           }
diff --git a/test/resolv/test_dns.rb b/test/resolv/test_dns.rb
index e7857248ce..9f993ba96a 100644
--- a/test/resolv/test_dns.rb
+++ b/test/resolv/test_dns.rb
@@ -197,4 +197,21 @@ class TestResolvDNS < Test::Unit::TestCase
     expected = (['0'] * 32 + ['ip6', 'arpa']).map {|label| Resolv::DNS::Label::Str.new(label) }
     assert_equal(expected, labels)
   end
+
+  def test_too_big_label_address
+    n = 2000
+    m = Resolv::DNS::Message::MessageEncoder.new {|msg|
+      2.times {
+        n.times {|i| msg.put_labels(["foo#{i}"]) }
+      }
+    }
+    Resolv::DNS::Message::MessageDecoder.new(m.to_s) {|msg|
+      2.times {
+        n.times {|i|
+          assert_equal(["foo#{i}"], msg.get_labels.map {|label| label.to_s })
+        }
+      }
+    }
+    assert_operator(2**14, :<, m.to_s.length)
+  end
 end
author	akr <akr@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2015-11-09 15:37:04 +0000
committer	akr <akr@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2015-11-09 15:37:04 +0000
commit	fb40481030e52602cba45374400dc2bd1288ff7a (patch)
tree	f2e712e59a5123f54b0871dd1808883dc3c298ae
parent	cdb68f419e41a7142215e8c8ac64d6f68ae0de88 (diff)
download	ruby-fb40481030e52602cba45374400dc2bd1288ff7a.tar.gz