openbsd-compat/getrrsetbyname.c: answer buffer size too large for EDNS0 and glibc

Hauke Lampe list+opensshdev at
Sat Jul 4 01:47:54 EST 2009

Damien Miller wrote:

> No, but doesn't the glibc bug need to be fixed too? There is nothing in
> the res_query(3) documentation that specifies integer overflow of the
> length argument.

I agree. If larger buffers are allowed in res_* arguments, the library
should cap EDNS0 buffer size at 65535.

Until a fix for this reaches main distributions, getrrsetbyname should
work around it, though, IMHO.

I took this to the glibc maintainer and Ubuntu:


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the openssh-unix-dev mailing list