From f8c01862214fcf1475000d11128991e29cb3ba98 Mon Sep 17 00:00:00 2001
From: Alexey Izbyshev
Date: Tue, 23 Apr 2024 09:35:30 -0700
Subject: [PATCH] Fix calling __dns_parse with potentially too large rlen

__res_send returns the full answer length even if it didn't fit the buffer, but __dns_parse expects the length of the filled part of the buffer. Analogous to Musl commit 77327ed064bd57b0e1865cd0e0364057ff4a53b4 which fixed the only other __dns_parse call site.
---
 third_party/musl/getnameinfo.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/third_party/musl/getnameinfo.c b/third_party/musl/getnameinfo.c
index ffced1dd3..173822278 100644
--- a/third_party/musl/getnameinfo.c
+++ b/third_party/musl/getnameinfo.c
@@ -206,8 +206,10 @@ int getnameinfo(const struct sockaddr *restrict sa, socklen_t sl,
 query[3] = 0; /* don't need AD flag */
 int rlen = __res_send(query, qlen, reply, sizeof reply);
 buf[0] = 0;
- if (rlen > 0)
+ if (rlen > 0) {
+ if (rlen > sizeof reply) rlen = sizeof reply;
 __dns_parse(reply, rlen, dns_parse_callback, buf);
+ }
 }
 if (!*buf) {
 if (flags & NI_NAMEREQD) return EAI_NONAME;
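Review bot: The added clamp `if (rlen > sizeof reply) rlen = sizeof reply;` compares an `int` with a `size_t`, which is only correct because it sits inside the `rlen > 0` guard; writing it as `if ((size_t)rlen > sizeof reply) rlen = sizeof reply;` makes that dependency explicit and keeps `-Wsign-compare` quiet. Because the length comes from a network reply and bounds how much of `reply` the parser reads, a one-line comment above the clamp would help it survive a later vendor sync, e.g. `/* __res_send returns the full answer length, which may exceed sizeof reply */`. The declaration of `reply` is outside the hunk, so this assumes it is an array and not a pointer (otherwise `sizeof reply` would not be the buffer size); getnameinfo's body starts and ends outside the hunk.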