QDnsLookup: reject looking up domain names that are too long

Both the libresolv and the Win32 API operate in 32-bit quantities, so we
could be aliasing with low values. In any case, RFC 1035 limits to 255.

    Various objects and parameters in the DNS have size limits.  They are
    listed below.  Some could be easily changed, others are more
    fundamental.

    labels          63 octets or less

    names           255 octets or less

Pick-to: 6.5
Change-Id: I3e3bfef633af4130a03afffd175e8957cd860bef
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>

src/network/kernel/qdnslookup.cpp

@@ -977,10 +977,12 @@ void QDnsLookupRunnable::run()
     QDnsLookupReply reply;
 
     // Validate input.
-    if (requestName.isEmpty()) {
+    if (qsizetype n = requestName.size(); n > MaxDomainNameLength || n == 0) {
         reply.error = QDnsLookup::InvalidRequestError;
         reply.errorString = tr("Invalid domain name");
         emit finished(reply);
+        if (n)
+            qWarning("QDnsLookup: domain name being looked up is too long (%lld bytes)", n);
         return;
     }
 

src/network/kernel/qdnslookup_p.h

@@ -31,6 +31,7 @@ QT_BEGIN_NAMESPACE
 
 //#define QDNSLOOKUP_DEBUG
 
+constexpr qsizetype MaxDomainNameLength = 255;
 constexpr quint16 DnsPort = 53;
 
 class QDnsLookupRunnable;