curl / Mailing Lists / curl-library / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Re: Unit test 1655

From: Daniel Stenberg via curl-library <>
Date: Tue, 12 Nov 2019 19:51:33 +0100 (CET)

On Tue, 12 Nov 2019, Niall.oReilly+lists--- via curl-library wrote:

> The very long name (`const char *bad = "` _et seq_.) is invalid
> according to RFCs 1034 and 1035 both because it is too long and because it
> contains embedded zero-length labels (which are represented by consecutive
> dots). A strict encoder should reject it early, and so frustrate the attempt
> to force a buffer overflow.

Ah! We should probably A) fix that and refuse such names with zero labels and
B) update the used host names in the test...

> A validly encoded pure (without EDNS) single query must fit in 272 (12 + 256
> + 4) octets, which is well below the buffer size of 512 provided in `struct
> dnsprobe`.

Then maybe that's an additional fix if we have no other reason for a larger

  / | Get the best commercial curl support there is - from me
                   | Private help, bug fixes, support, ports, new features
Received on 2019-11-12