blob: a72b7e5b8d0733c22b816a2e38590addbda70704 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
From: =?utf-8?b?VmxhZGltw61yIMSMdW7DoXQ=?= <vladimir.cunat@nic.cz>
Date: Mon, 12 Feb 2024 11:16:37 +0100
Subject: validator: limit the amount of work on SHA1 in NSEC3 proofs
---
lib/dnssec/nsec3.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/lib/dnssec/nsec3.c b/lib/dnssec/nsec3.c
index e4d314b..4199f25 100644
--- a/lib/dnssec/nsec3.c
+++ b/lib/dnssec/nsec3.c
@@ -146,6 +146,18 @@ static int closest_encloser_match(int *flags, const knot_rrset_t *nsec3,
const knot_dname_t *encloser = knot_wire_next_label(name, NULL);
*skipped = 1;
+ /* Avoid doing too much work on SHA1, mitigating:
+ * CVE-2023-50868: NSEC3 closest encloser proof can exhaust CPU
+ * We log nothing here; it wouldn't be easy from this place
+ * and huge SNAME should be suspicious on its own.
+ */
+ const int max_labels = knot_dname_labels(nsec3->owner, NULL) - 1
+ + kr_nsec3_max_depth(¶ms);
+ for (int l = knot_dname_labels(encloser, NULL); l > max_labels; --l) {
+ encloser = knot_wire_next_label(encloser, NULL);
+ ++(*skipped);
+ }
+
while(encloser) {
ret = hash_name(&name_hash, ¶ms, encloser);
if (ret != 0)
|
