From c18b1adbdaea702c669e08f73d17ab9c9e1749eb Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Thu, 12 Sep 2024 17:08:36 +0200 Subject: [PATCH] resolved: explicitly refuse adding invalid DNS names to DNS packets Fixes: #33671 (cherry picked from commit e63785611713cab0131599565cb3a1bb505640c7) --- src/resolve/resolved-dns-packet.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/resolve/resolved-dns-packet.c b/src/resolve/resolved-dns-packet.c index c496e54e5ec141..f0d8f716dfc47f 100644 --- a/src/resolve/resolved-dns-packet.c +++ b/src/resolve/resolved-dns-packet.c @@ -564,6 +564,12 @@ int dns_packet_append_name( assert(p); assert(name); + r = dns_name_is_valid(name); + if (r < 0) + return r; + if (r == 0) + return -EINVAL; + if (p->refuse_compression) allow_compression = false;