@@ -, +, @@ 
---
 doc/doc-txt/ChangeLog |    8 ++++++++
 src/src/dkim.c        |    3 +++
 src/src/pdkim/pdkim.h |    4 ++--
 3 files changed, 13 insertions(+), 2 deletions(-)
--- exim4-4.76.orig/src/dkim.c	2011-05-09 04:36:25.000000000 -0400
+++ exim4-4.76.orig/src/dkim.c	2012-10-25 08:26:24.009726695 -0400
@@ -44,6 +44,9 @@ 
                "%.*s", (int)len, (char *)((rr->data)+rr_offset));
       rr_offset+=len;
       answer_offset+=len;
+      if (answer_offset >= PDKIM_DNS_TXT_MAX_RECLEN) {
+        return PDKIM_FAIL;
+      }
     }
   }
   else return PDKIM_FAIL;
--- exim4-4.76.orig/src/pdkim/pdkim.h	2011-05-09 04:36:25.000000000 -0400
+++ exim4-4.76.orig/src/pdkim/pdkim.h	2012-10-25 08:26:24.009726695 -0400
@@ -29,8 +29,8 @@ 
 
 /* -------------------------------------------------------------------------- */
 /* Length of the preallocated buffer for the "answer" from the dns/txt
-   callback function. */
-#define PDKIM_DNS_TXT_MAX_RECLEN    4096
+   callback function. This should match the maximum RDLENGTH from DNS. */
+#define PDKIM_DNS_TXT_MAX_RECLEN    (1 << 16)
 
 /* -------------------------------------------------------------------------- */
 /* Function success / error codes */