Added guard clauses for secret file loading

zbalkan · zbalkan · commit 114c2df7525f · 2026-02-19T12:17:22.000+02:00
diff --git a/DnsServerCore/Dns/Security/DnsCookieSecretManager.cs b/DnsServerCore/Dns/Security/DnsCookieSecretManager.cs
@@ -66,14 +66,24 @@ private void Load()
                             if (version == 1)
                             {
                                 _currentSecretCreated = new DateTime(br.ReadInt64(), DateTimeKind.Utc);
-                                
-                                int currentLen = br.ReadInt32();
+
+                                int currentLen = br.ReadInt32(); // TODO: Validate length if between 8 and 256 bytes
+                                if (currentLen < 8 || currentLen > 256)
+                                    throw new InvalidDataException("Invalid current secret length.");
+
                                 _currentSecret = br.ReadBytes(currentLen);
 
                                 int previousLen = br.ReadInt32();
+                                if (previousLen < 0 || previousLen > 256)
+                                    throw new InvalidDataException("Invalid previous secret length.");
+
                                 if (previousLen > 0)
                                     _previousSecret = br.ReadBytes(previousLen);
                             }
+                            else
+                            {
+                                throw new InvalidDataException("Unsupported secret file version.");
+                            }
                         }
                     }
                     catch
