$OpenBSD: patch-lib_rfc1035_c,v 1.1 2010/02/03 06:41:17 jasper Exp $

Security fix for CVE-2010-0308, "Squid DNS Packet Processing
Denial of Service Vulnerability"

Patch from upstream svn, changeset 12597.

--- lib/rfc1035.c.orig	Tue Feb  2 14:50:56 2010
+++ lib/rfc1035.c	Tue Feb  2 14:51:24 2010
@@ -286,7 +286,9 @@ rfc1035NameUnpack(const char *buf, size_t sz, int *off
     size_t len;
     assert(ns > 0);
     do {
-	assert((*off) < sz);
+	if ((*off) >= sz) {
+	    return 1;
+	}
 	c = *(buf + (*off));
 	if (c > 191) {
 	    /* blasted compression */
