dnsdist: Account for the proxy protocol payload when checking the query size

diff --git a/pdns/dnsdistdist/doh.cc b/pdns/dnsdistdist/doh.cc
index 268e6f97d30e444c3fa2380b22050b1cab55afb8..aa1fad141ec4dba0f116285f0c213f03bc8cb31b 100644 (file)
--- a/pdns/dnsdistdist/doh.cc
+++ b/pdns/dnsdistdist/doh.cc
@@ -1320,7 +1320,10 @@ static void on_dnsdist(h2o_socket_t *listener, const char *err)
       continue;
     }
 
-    if (!du->tcp && du->truncated && du->query.size() > sizeof(dnsheader)) {
+    if (!du->tcp &&
+        du->truncated &&
+        du->query.size() > du->proxyProtocolPayloadSize &&
+        (du->query.size() - du->proxyProtocolPayloadSize) > sizeof(dnsheader)) {
       /* restoring the original ID */
       dnsheader* queryDH = reinterpret_cast<struct dnsheader*>(du->query.data() + du->proxyProtocolPayloadSize);
       queryDH->id = du->ids.origID;