webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-28 11:43:25 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
79f2a76bc303276bf32f103ee081be949a4c69c2
bpfire/src/patches/dnsmasq/0073-Fix-crash-on-receipt-of-certain-malformed-DNS-reques.patch
Michael Tremer efbd3a9abc dnsmasq: Import patches from upstream
2015-05-20 23:35:38 +02:00

62 lines
2.1 KiB
Diff
Raw Blame History

From ad4a8ff7d9097008d7623df8543df435bfddeac8 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Thu, 9 Apr 2015 21:48:00 +0100
Subject: [PATCH 73/98] Fix crash on receipt of certain malformed DNS requests.
---
CHANGELOG | 3 +++
src/rfc1035.c | 9 ++++++---
2 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/CHANGELOG b/CHANGELOG
index 6aa3d851a297..9af617056f1f 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -125,6 +125,9 @@ version 2.72
Fix problem with --local-service option on big-endian platforms
Thanks to Richard Genoud for the patch.
+ Fix crash on receipt of certain malformed DNS requests. Thanks
+ to Nick Sampanis for spotting the problem.
+
version 2.71
Subtle change to error handling to help DNSSEC validation
diff --git a/src/rfc1035.c b/src/rfc1035.c
index 7a07b0cee906..a995ab50d74a 100644
--- a/src/rfc1035.c
+++ b/src/rfc1035.c
@@ -1198,7 +1198,10 @@ unsigned int extract_request(struct dns_header *header, size_t qlen, char *name,
size_t setup_reply(struct dns_header *header, size_t qlen,
struct all_addr *addrp, unsigned int flags, unsigned long ttl)
{
- unsigned char *p = skip_questions(header, qlen);
+ unsigned char *p;
+
+ if (!(p = skip_questions(header, qlen)))
+ return 0;
/* clear authoritative and truncated flags, set QR flag */
header->hb3 = (header->hb3 & ~(HB3_AA | HB3_TC)) | HB3_QR;
@@ -1214,7 +1217,7 @@ size_t setup_reply(struct dns_header *header, size_t qlen,
SET_RCODE(header, NOERROR); /* empty domain */
else if (flags == F_NXDOMAIN)
SET_RCODE(header, NXDOMAIN);
- else if (p && flags == F_IPV4)
+ else if (flags == F_IPV4)
{ /* we know the address */
SET_RCODE(header, NOERROR);
header->ancount = htons(1);
@@ -1222,7 +1225,7 @@ size_t setup_reply(struct dns_header *header, size_t qlen,
add_resource_record(header, NULL, NULL, sizeof(struct dns_header), &p, ttl, NULL, T_A, C_IN, "4", addrp);
}
#ifdef HAVE_IPV6
- else if (p && flags == F_IPV6)
+ else if (flags == F_IPV6)
{
SET_RCODE(header, NOERROR);
header->ancount = htons(1);
--
2.1.0
Reference in New Issue View Git Blame Copy Permalink