[exim-cvs] DANE: ignore undersized TLSA records

Author: Exim Git Commits Mailing List
Date:  
To: exim-cvs
Subject: [exim-cvs] DANE: ignore undersized TLSA records
Gitweb: https://git.exim.org/exim.git/commitdiff/1b76ad22a23e704c1d931937953d44c9b206c867
Commit:     1b76ad22a23e704c1d931937953d44c9b206c867
Parent:     316645af5a893a91c7a8bc25edcfb3ea179d608a
Author:     Jeremy Harris <jgh146exb@???>
AuthorDate: Fri Sep 21 12:40:53 2018 +0100
Committer:  Jeremy Harris <jgh146exb@???>
CommitDate: Fri Sep 21 14:13:44 2018 +0100


    DANE: ignore undersized TLSA records
---
 src/src/dns.c             |  6 +++---
 src/src/tls-gnu.c         |  4 ++--
 src/src/tls-openssl.c     |  2 +-
 src/src/transports/smtp.c | 23 ++++++++++++-----------
 4 files changed, 18 insertions(+), 17 deletions(-)


diff --git a/src/src/dns.c b/src/src/dns.c
index 1da7feb..297b8b8 100644
--- a/src/src/dns.c
+++ b/src/src/dns.c
@@ -885,7 +885,7 @@ for (i = 0; i <= dns_cname_loops; i++)
uschar * data;
dns_record *rr, cname_rr, type_rr;
dns_scan dnss;
- int datalen, rc;
+ int rc;

/* DNS lookup failures get passed straight back. */

@@ -947,8 +947,8 @@ for (i = 0; i <= dns_cname_loops; i++)
     return DNS_FAIL;


   data = store_get(256);
-  if ((datalen = dn_expand(dnsa->answer, dnsa->answer + dnsa->answerlen,
-    cname_rr.data, (DN_EXPAND_ARG4_TYPE)data, 256)) < 0)
+  if (dn_expand(dnsa->answer, dnsa->answer + dnsa->answerlen,
+      cname_rr.data, (DN_EXPAND_ARG4_TYPE)data, 256) < 0)
     return DNS_FAIL;
   name = data;


diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c
index fd18a60..1430f2f 100644
--- a/src/src/tls-gnu.c
+++ b/src/src/tls-gnu.c
@@ -2207,7 +2207,7 @@ dane_data_len = store_get(i * sizeof(int));
 for (rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS), i = 0;
      rr;
      rr = dns_next_rr(dnsa, &dnss, RESET_NEXT)
-    ) if (rr->type == T_TLSA)
+    ) if (rr->type == T_TLSA && rr->size > 3)
   {
   const uschar * p = rr->data;
   uint8_t usage = p[0], sel = p[1], type = p[2];
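Review bot: The added guard `rr->size > 3` makes the three header reads on the next lines (`p[0]`, `p[1]`, `p[2]`) safe and additionally demands at least one octet of certificate-association data, but the bound is a bare magic number that this commit repeats verbatim in tls-openssl.c and transports/smtp.c, so the three sites can drift apart. A single named constant for the 3-octet usage/selector/matching-type header, e.g. `#define TLSA_HDR_LEN 3` next to `MAX_TLSA_EXPANDED_SIZE`, with `if (rr->type == T_TLSA && rr->size > TLSA_HDR_LEN)` at each site, would document why 3 is the threshold. A short comment on the condition, `/* skip records too short to hold usage, selector, matching type and data */`, would help a reader who does not know the TLSA wire format. The surrounding `i` count used for `store_get(i * sizeof(int))` is computed outside this hunk; if that pass does not apply the same size filter the array is merely over-allocated, which looks harmless but is worth confirming. The enclosing function starts and ends outside the hunk.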
@@ -2774,7 +2774,7 @@ while (left > 0)
   DEBUG(D_tls) debug_printf("outbytes=" SSIZE_T_FMT "\n", outbytes);
   if (outbytes < 0)
     {
-debug_printf("%s: err from gnutls_record_send(\n", __FUNCTION__);
+    DEBUG(D_tls) debug_printf("%s: gnutls_record_send err\n", __FUNCTION__);
     record_io_error(state, outbytes, US"send", NULL);
     return -1;
     }
diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index 81372cf..c5ebc13 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -2337,7 +2337,7 @@ if (DANESSL_init(ssl, NULL, hostnames) != 1)
 for (rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS);
      rr;
      rr = dns_next_rr(dnsa, &dnss, RESET_NEXT)
-    ) if (rr->type == T_TLSA)
+    ) if (rr->type == T_TLSA && rr->size > 3)
   {
   const uschar * p = rr->data;
   uint8_t usage, selector, mtype;
diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c
index d7e8396..f3e09ad 100644
--- a/src/src/transports/smtp.c
+++ b/src/src/transports/smtp.c
@@ -1254,19 +1254,20 @@ switch (rc)
     dns_scan dnss;
     dns_record * rr;
     for (rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); rr;
-         rr = dns_next_rr(dnsa, &dnss, RESET_NEXT)) if (rr->type == T_TLSA)
-      {
-      uint16_t payload_length = rr->size - 3;
-      uschar s[MAX_TLSA_EXPANDED_SIZE], * sp = s, * p = US rr->data;
+         rr = dns_next_rr(dnsa, &dnss, RESET_NEXT))
+      if (rr->type == T_TLSA && rr->size > 3)
+        {
+        uint16_t payload_length = rr->size - 3;
+        uschar s[MAX_TLSA_EXPANDED_SIZE], * sp = s, * p = US rr->data;


-      sp += sprintf(CS sp, "%d ", *p++); /* usage */
-      sp += sprintf(CS sp, "%d ", *p++); /* selector */
-      sp += sprintf(CS sp, "%d ", *p++); /* matchtype */
-      while (payload_length-- > 0 && sp-s < (MAX_TLSA_EXPANDED_SIZE - 4))
-        sp += sprintf(CS sp, "%02x", *p++);
+        sp += sprintf(CS sp, "%d ", *p++); /* usage */
+        sp += sprintf(CS sp, "%d ", *p++); /* selector */
+        sp += sprintf(CS sp, "%d ", *p++); /* matchtype */
+        while (payload_length-- > 0 && sp-s < (MAX_TLSA_EXPANDED_SIZE - 4))
+          sp += sprintf(CS sp, "%02x", *p++);


-      debug_printf(" %s\n", s);
-      }
+        debug_printf(" %s\n", s);
+        }
     }
       return OK;
       }
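Review bot: With the new condition `rr->type == T_TLSA && rr->size > 3` an undersized TLSA record now vanishes from the debug dump entirely, so an operator diagnosing a DANE failure sees fewer records than the DNS answer holds and gets no hint why. Since this block is already debug-only output, an `else if (rr->type == T_TLSA)` branch that prints the record's size (with a format specifier matching the type of `rr->size`, which is not visible in this hunk) and the word "ignored" would make the skip observable without changing behaviour. The guard does correctly keep `uint16_t payload_length = rr->size - 3;` from wrapping on a short record, which the old code allowed. The enclosing function starts outside the hunk.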