Received: from saint-elmos-fire.mit.edu (tlyu@SAINT-ELMOS-FIRE.MIT.EDU [18.18.0.248]) by krbdev.mit.edu (8.9.3) with ESMTP id TAA28123; Thu, 10 Oct 2002 19:27:19 -0400 (EDT)
Received: (from tlyu@localhost) by saint-elmos-fire.mit.edu (8.9.3) id TAA29037; Thu, 10 Oct 2002 19:27:17 -0400 (EDT)
To: rt@krbdev.mit.edu
Subject: Re: [krbdev.mit.edu #1216]
References:
From: Tom Yu
Date: Thu, 10 Oct 2002 19:27:17 -0400
In-Reply-To: ("The RT System itself via RT"'s message of "Wed, 9 Oct 2002 16:23:07 -0400 (EDT)")
Message-Id:
Lines: 25
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
RT-Send-Cc:
X-RT-Original-Encoding: us-ascii
Content-Length: 721

Thanks for the patch...

>>>>> "nalin" == The RT System itself via RT writes:

nalin> --- src/lib/krb5/os/locate_kdc.c 2002-10-09 14:15:57.000000000 -0400 nalin> +++ src/lib/krb5/os/locate_kdc.c 2002-10-09 14:59:26.000000000 -0400 nalin> @@ -391,7 +391,7 @@ nalin> size = res_search(host, C_IN, T_SRV, answer.bytes, sizeof(answer.bytes)); nalin> - if (size < hdrsize) nalin> + if ((size < hdrsize) || (size > sizeof(answer.bytes)) nalin> goto out; nalin> /* nalin> @@ -463,6 +463,8 @@ nalin> CHECK(p,2); nalin> rdlen = NTOHSP(p,2); nalin> + CHECK(p,rdlen); nalin> +

Could you please explain why this check for rdlen was added? It seems
redundant.

---Tom
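
Review bot: In the first hunk, the added condition "if ((size < hdrsize) || (size > sizeof(answer.bytes))" opens four parentheses and closes only three, so it will not compile as posted; it needs one more ")" before "goto out;". The new upper bound also compares size against a sizeof result, which is unsigned, so confirm the declared type of size, and add a short comment saying why the value returned by res_search can be larger than the buffer length passed to it.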
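
Review bot: In the second hunk, the added "CHECK(p,rdlen);" carries no comment saying which later reads it protects, and the definition of CHECK is not visible in this context. Since rdlen is taken from the reply by "rdlen = NTOHSP(p,2);", a one-line comment should state that the whole record data must lie within the answer bytes before it is parsed; if the field-by-field CHECK calls that follow already enforce that, say so in the commit message or drop the line.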