SECURITY: DKIM DNS buffer overflow protection

[exim.git] / src / src / pdkim / pdkim.h

diff --git a/src/src/pdkim/pdkim.h b/src/src/pdkim/pdkim.h
index 764cc83be87c510f10f3392f2710d00c6592b3b8..1d364a3c9dd9ad16495615f339484ea0097845ae 100644 (file)
--- a/src/src/pdkim/pdkim.h
+++ b/src/src/pdkim/pdkim.h
@@ -27,8 +27,8 @@
 
 /* -------------------------------------------------------------------------- */
 /* Length of the preallocated buffer for the "answer" from the dns/txt
-   callback function. */
-#define PDKIM_DNS_TXT_MAX_RECLEN    4096
+   callback function. This should match the maximum RDLENGTH from DNS. */
+#define PDKIM_DNS_TXT_MAX_RECLEN    (1 << 16)
 
 /* -------------------------------------------------------------------------- */
 /* Function success / error codes */