git://git.exim.org / exim.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
SECURITY: DKIM DNS buffer overflow protection
[exim.git] / src / src / dkim.c
diff --git a/src/src/dkim.c b/src/src/dkim.c
index 2318cc394bef45e9ffda9b1784cb492943349fb6..05b5fec56e62073f4f5d1d1640ee42d7ca782bad 100644 (file)
--- a/src/src/dkim.c
+++ b/src/src/dkim.c
@@ -1,5 +1,3 @@
-/* $Cambridge: exim/src/src/dkim.c,v 1.15 2010/06/12 13:54:38 jetmore Exp $ */
-
 /*************************************************
 *     Exim - an Internet mail transport agent    *
 *************************************************/
@@ -44,6 +42,9 @@ int dkim_exim_query_dns_txt(char *name, char *answer) {
                "%.*s", (int)len, (char *)((rr->data)+rr_offset));
       rr_offset+=len;
       answer_offset+=len;
+      if (answer_offset >= PDKIM_DNS_TXT_MAX_RECLEN) {
+        return PDKIM_FAIL;
+      }
     }
   }
   else return PDKIM_FAIL;
Master Exim source repository