From 34acf5a99214639e5e7792a9e85d24c9fd7640ac Mon Sep 17 00:00:00 2001
From: Gary Lockyer <gary@catalyst.net.nz>
Date: Thu, 3 Aug 2017 15:12:51 +1200
Subject: dnsserver: Tighten DNS name checking

Add checks for the maximum permitted length, maximum number of labels
and the maximum label length.  These extra checks will be used by the
DNS wild card handling.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12952
---
 librpc/idl/dns.idl | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'librpc')

diff --git a/librpc/idl/dns.idl b/librpc/idl/dns.idl
index aebb106b053..8e8eed5ab23 100644
--- a/librpc/idl/dns.idl
+++ b/librpc/idl/dns.idl
@@ -18,6 +18,9 @@ import "misc.idl", "dnsp.idl";
 interface dns
 {
 	const int DNS_SERVICE_PORT       = 53;
+	const int DNS_MAX_LABELS         = 127;
+	const int DNS_MAX_DOMAIN_LENGTH  = 253;
+	const int DNS_MAX_LABEL_LENGTH   = 63;
 
 	typedef [public,bitmap16bit] bitmap {
 		DNS_RCODE                   = 0x000F,
-- 
cgit v1.2.1