From 06830bd78d2cf43b9d544e3792711cbb60d1c27a Mon Sep 17 00:00:00 2001
From: Thiago Macieira <thiago.macieira@intel.com>
Date: Fri, 12 May 2023 16:23:32 -0700
Subject: QDnsLookup: reject looking up domain names that are too long
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Both the libresolv and the Win32 API operate in 32-bit quantities, so we
could be aliasing with low values. In any case, RFC 1035 limits to 255.

    Various objects and parameters in the DNS have size limits.  They are
    listed below.  Some could be easily changed, others are more
    fundamental.

    labels          63 octets or less

    names           255 octets or less

Pick-to: 6.5
Change-Id: I3e3bfef633af4130a03afffd175e8957cd860bef
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
---
 src/network/kernel/qdnslookup.cpp | 4 +++-
 src/network/kernel/qdnslookup_p.h | 1 +
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/network/kernel/qdnslookup.cpp b/src/network/kernel/qdnslookup.cpp
index 2d9ada7f41..04662acece 100644
--- a/src/network/kernel/qdnslookup.cpp
+++ b/src/network/kernel/qdnslookup.cpp
@@ -977,10 +977,12 @@ void QDnsLookupRunnable::run()
     QDnsLookupReply reply;
 
     // Validate input.
-    if (requestName.isEmpty()) {
+    if (qsizetype n = requestName.size(); n > MaxDomainNameLength || n == 0) {
         reply.error = QDnsLookup::InvalidRequestError;
         reply.errorString = tr("Invalid domain name");
         emit finished(reply);
+        if (n)
+            qWarning("QDnsLookup: domain name being looked up is too long (%lld bytes)", n);
         return;
     }
 
diff --git a/src/network/kernel/qdnslookup_p.h b/src/network/kernel/qdnslookup_p.h
index 3b0c476c2a..522cb7d073 100644
--- a/src/network/kernel/qdnslookup_p.h
+++ b/src/network/kernel/qdnslookup_p.h
@@ -31,6 +31,7 @@ QT_BEGIN_NAMESPACE
 
 //#define QDNSLOOKUP_DEBUG
 
+constexpr qsizetype MaxDomainNameLength = 255;
 constexpr quint16 DnsPort = 53;
 
 class QDnsLookupRunnable;
-- 
cgit v1.2.1