Mercurial > pidgin3 / file diff

diff: libpurple/dnsquery.c

libpurple/dnsquery.c

changeset 36002
31a8779e91d4
parent 35854
ed4fd1030878
parent 35999
5841bd4da162
child 36257
c5445f25f90f
--- a/libpurple/dnsquery.c	Tue May 06 18:27:58 2014 +0200
+++ b/libpurple/dnsquery.c	Wed May 07 11:07:45 2014 +0200
@@ -33,6 +33,8 @@
 #include <resolv.h>
 #endif
 
+#define MAX_ADDR_RESPONSE_LEN 1048576
+
 #if (defined(__APPLE__) || defined (__unix__)) && !defined(__osf__)
 #define PURPLE_DNSQUERY_USE_FORK
 #endif
@@ -664,7 +666,7 @@
 		/* Success! */
 		while (rc > 0) {
 			rc = read(query_data->resolver->fd_out, &addrlen, sizeof(addrlen));
-			if (rc > 0 && addrlen > 0) {
+			if (rc > 0 && addrlen > 0 && addrlen < MAX_ADDR_RESPONSE_LEN) {
 				addr = g_malloc(addrlen);
 				rc = read(query_data->resolver->fd_out, addr, addrlen);
 				hosts = g_slist_append(hosts, GINT_TO_POINTER(addrlen));

Mercurial Repository: pidgin3

mercurial