From 6c3a0b54ed8ace93d5b5ca7b8078dc87e75cd640 Mon Sep 17 00:00:00 2001
From: "W.C.A. Wijngaards" <wouter@nlnetlabs.nl>
Date: Tue, 3 Dec 2019 16:18:47 +0100
Subject: [PATCH] - Fix Out of Bound Write Compressed Names in rdata_copy(),  
 reported by X41 D-Sec.

---
 doc/Changelog        | 2 ++
 util/data/msgreply.c | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/doc/Changelog b/doc/Changelog
index bceb443e3..7e592710c 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -17,6 +17,8 @@
 	  reported by X41 D-Sec.
 	- Fix Insufficient Handling of Compressed Names in dname_pkt_copy(),
 	  reported by X41 D-Sec.
+	- Fix Out of Bound Write Compressed Names in rdata_copy(),
+	  reported by X41 D-Sec.
 
 2 December 2019: Wouter
 	- Merge pull request #122 from he32: In tcp_callback_writer(),
diff --git a/util/data/msgreply.c b/util/data/msgreply.c
index a2c09ac20..4320f312d 100644
--- a/util/data/msgreply.c
+++ b/util/data/msgreply.c
@@ -243,10 +243,10 @@ rdata_copy(sldns_buffer* pkt, struct packed_rrset_data* data, uint8_t* to,
 				break;
 			}
 			if(len) {
+				log_assert(len <= pkt_len);
 				memmove(to, sldns_buffer_current(pkt), len);
 				to += len;
 				sldns_buffer_skip(pkt, (ssize_t)len);
-				log_assert(len <= pkt_len);
 				pkt_len -= len;
 			}
 			rdf++;