auth: Treat requestor's payload size lower than 512 as equal to 512

author Remi Gacogne <remi.gacogne@powerdns.com>

Thu, 7 Sep 2017 07:43:53 +0000 (09:43 +0200)

committer Remi Gacogne <remi.gacogne@powerdns.com>

Mon, 11 Sep 2017 08:20:26 +0000 (10:20 +0200)
author Remi Gacogne <remi.gacogne@powerdns.com>
Thu, 7 Sep 2017 07:43:53 +0000 (09:43 +0200)
committer Remi Gacogne <remi.gacogne@powerdns.com>
Mon, 11 Sep 2017 08:20:26 +0000 (10:20 +0200)
diff --git a/pdns/dnspacket.cc b/pdns/dnspacket.cc

index e40f88114fab580c7007cb469eef5e9ec50f500a..e03f7fad9b5d86f15e4e77cce8b3017d62d1607e 100644 (file)
--- a/pdns/dnspacket.cc
+++ b/pdns/dnspacket.cc
@@ -551,7 +551,10 @@ try
  
    if(getEDNSOpts(mdp, &edo)) {
      d_haveednssection=true;
-    d_maxreplylen=std::min(edo.d_packetsize, s_udpTruncationThreshold);
+    /* rfc6891 6.2.3:
+       "Values lower than 512 MUST be treated as equal to 512."
+    */
+    d_maxreplylen=std::min(std::max(static_cast<uint16_t>(512), edo.d_packetsize), s_udpTruncationThreshold);
  //    cerr<<edo.d_Z<<endl;
      if(edo.d_Z & EDNSOpts::DNSSECOK)
        d_dnssecOk=true;
author	Remi Gacogne <remi.gacogne@powerdns.com>
	Thu, 7 Sep 2017 07:43:53 +0000 (09:43 +0200)
committer	Remi Gacogne <remi.gacogne@powerdns.com>
	Mon, 11 Sep 2017 08:20:26 +0000 (10:20 +0200)