QDnsLookup/Unix: make sure we don't overflow the buffer (!250) · Merge requests · Qt Project / qt / qtbase

Andreas Sturmlechner requested to merge asturmlechner/qtbase:asturmlechner/QDnsLookup-no-buffer-overflow into kde/5.15 May 18, 2023

The DNS Records are variable length and encode their size in 16 bits before the Record Data (RDATA). Ensure that both the RDATA and the Record header fields before it fall inside the buffer we have.

Additionally reject any replies containing more than one query records.

[ChangeLog][QtNetwork][QDnsLookup] Fixed a bug that could cause a buffer overflow in Unix systems while parsing corrupt, malicious, or truncated replies.

Pick-to: 5.15 6.2 6.5 6.5.1 Change-Id: I3e3bfef633af4130a03afffd175e4b9547654b95 Reviewed-by: Mårten Nordheim marten.nordheim@qt.io Reviewed-by: Jani Heikkinen jani.heikkinen@qt.io (cherry picked from commit 7dba2c87)

asturmlechner 2023-05-18: Resolve conflict with dev branch commit 68b62590

QDnsLookup/Unix: make sure we don't overflow the buffer

Merge request reports