dns_resolver: assure that dns_query() result is null-terminated

dns_query() credulously assumes that keys are null-terminated and
returns a copy of a memory block that is off by one.

Signed-off-by: Manuel Schölling <manuel.schoelling@gmx.de>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/net/dns_resolver/dns_query.c b/net/dns_resolver/dns_query.c
index e7b6d53eef88d250d6a93e3a75f26c3a6cad4cba..6853d22ebc071a4001663f7e3d40e9cee1fecb76 100644 (file)
--- a/net/dns_resolver/dns_query.c
+++ b/net/dns_resolver/dns_query.c
@@ -149,7 +149,9 @@ int dns_query(const char *type, const char *name, size_t namelen,
        if (!*_result)
                goto put;
 
-       memcpy(*_result, upayload->data, len + 1);
+       memcpy(*_result, upayload->data, len);
+       *_result[len] = '\0';
+
        if (_expiry)
                *_expiry = rkey->expiry;