From 1c02193ddba690d40cf67d35f1fb46873adcc0d5 Mon Sep 17 00:00:00 2001
From: Ralph Dolmans
Date: Wed, 12 Apr 2017 13:12:21 +0000
Subject: [PATCH] - Fix #1249: unbound doesn't return FORMERR to bogus ECS.
git-svn-id: file:///svn/unbound/trunk@4110 be551aaa-1e26-0410-a405-d3ace91eadb9
---
 doc/Changelog | 1 +
 edns-subnet/subnetmod.c | 9 +++++++--
 2 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/doc/Changelog b/doc/Changelog
index 79aa018e1..0b09222b1 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -2,6 +2,7 @@ - Fix #1247: unbound does not shorten source prefix length when forwarding ECS. - Properly check for allocation failure in local_data_find_tag_datas. + - Fix #1249: unbound doesn't return FORMERR to bogus ECS. 11 April 2017: Ralph - Display ECS module memory usage.
diff --git a/edns-subnet/subnetmod.c b/edns-subnet/subnetmod.c
index 5afbd2fc5..4008004e4 100644
--- a/edns-subnet/subnetmod.c
+++ b/edns-subnet/subnetmod.c
@@ -661,9 +661,14 @@ subnetmod_operate(struct module_qstate *qstate, enum module_ev event,
 if((ecs_opt = edns_opt_list_find(
 qstate->edns_opts_front_in,
 qstate->env->cfg->client_subnet_opcode))) {
- if(parse_subnet_option(ecs_opt, &sq->ecs_client_in)) {
- sq->subnet_downstream = 1;
+ if(!parse_subnet_option(ecs_opt, &sq->ecs_client_in)) {
+ /* Wrongly formatted ECS option. RFC mandates to
+ * return FORMERROR. */
+ qstate->return_rcode = LDNS_RCODE_FORMERR;
+ qstate->ext_state[id] = module_finished;
+ return;
 }
+ sq->subnet_downstream = 1;
 }
 else if(qstate->mesh_info->reply_list) {
 subnet_option_from_ss(
-- 
2.47.3
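Review bot: The new FORMERR branch in subnetmod_operate is only as strict as parse_subnet_option, which is outside this hunk, and the commit adds no test that pins the behaviour: the diffstat lists only doc/Changelog and edns-subnet/subnetmod.c. Because the ECS option is client-supplied, a regression case that feeds in a malformed option (for example a constructed one that is shorter than its fixed header) and expects rcode FORMERR would keep this rejection from silently regressing. The comment could also name the document and use the rcode's own spelling, e.g. `/* Malformed ECS option: RFC 7871 requires a FORMERR reply. */`. The body of subnetmod_operate starts and ends outside the hunk, so whether any per-query state set up earlier needs handling before the early `return;` cannot be judged from here.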