Add potential buffer overrun check.

[icmp-dn.git] / src / idnlookup.c

diff --git a/src/idnlookup.c b/src/idnlookup.c
index c384796..0fd367f 100644 (file)
--- a/src/idnlookup.c
+++ b/src/idnlookup.c
@@ -78,6 +78,10 @@ void printdn(FILE *f, unsigned char *dnbuf, size_t size, int onlyfirst)
                fprintf(stderr, "domain name decompression not implemented, aborting\n");
                exit(1);
            }
+           if((int)*p + (p - dnbuf) >= size) {
+               fprintf(stderr, "malformed domain name\n");
+               return;
+           }
            fprintf(f, "%.*s", (int)*p, p + 1);
            p += 1 + (int)*p;
            if(*p != 0)