From: Remi Gacogne <rgacogne-github@coredump.fr>
Date: Fri, 27 Nov 2015 14:00:36 +0000 (+0100)
Subject: Check the length of TCP queries
X-Git-Tag: dnsdist-1.0.0-alpha1~183^2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F2947%2Fhead;p=thirdparty%2Fpdns.git

Check the length of TCP queries

There is no point in trying to parse queries whose length
is < sizeof(dnsheader).
---

diff --git a/pdns/dnsdist-tcp.cc b/pdns/dnsdist-tcp.cc
index a69c0ae728..a24680b852 100644
--- a/pdns/dnsdist-tcp.cc
+++ b/pdns/dnsdist-tcp.cc
@@ -146,7 +146,12 @@ void* tcpClientThread(int pipefd)
       for(;;) {      
         if(!getNonBlockingMsgLen(ci.fd, &qlen, g_tcpRecvTimeout))
           break;
-        
+
+        if (qlen < sizeof(dnsheader)) {
+          g_stats.nonCompliantQueries++;
+          break;
+        }
+
         char query[qlen];
         readn2WithTimeout(ci.fd, query, qlen, g_tcpRecvTimeout);
 	uint16_t qtype;