# HG changeset patch
# User Maxim Dounin <mdounin@mdounin.ru>
# Date 1332417438 0
# Node ID 1bddc91e78d6a68575cf7e23e486e57bc22f935f
# Parent  555ca31dea18b20683af78892f37d507c4ac4bd2
Resolver: added missing sanity checking when creating name queries.

Found by Veracode.

diff --git a/src/core/ngx_resolver.c b/src/core/ngx_resolver.c
--- a/src/core/ngx_resolver.c
+++ b/src/core/ngx_resolver.c
@@ -1840,7 +1840,7 @@ ngx_resolver_create_name_query(ngx_resol
             len++;
 
         } else {
-            if (len == 0) {
+            if (len == 0 || len > 255) {
                 return NGX_DECLINED;
             }
 
@@ -1851,6 +1851,10 @@ ngx_resolver_create_name_query(ngx_resol
         p--;
     }
 
+    if (len == 0 || len > 255) {
+        return NGX_DECLINED;
+    }
+
     *p = (u_char) len;
 
     return NGX_OK;