dns/probe: check that a request has at least one query

author Philippe Antoine <pantoine@oisf.net>

Thu, 3 Oct 2024 13:16:44 +0000 (15:16 +0200)

committer Victor Julien <victor@inliniac.net>

Fri, 20 Dec 2024 06:55:46 +0000 (07:55 +0100)
author Philippe Antoine <pantoine@oisf.net>
Thu, 3 Oct 2024 13:16:44 +0000 (15:16 +0200)
committer Victor Julien <victor@inliniac.net>
Fri, 20 Dec 2024 06:55:46 +0000 (07:55 +0100)
diff --git a/rust/src/dns/dns.rs b/rust/src/dns/dns.rs

index 11ebfb1a4c1c483acc740abc6eadf5e3cf3e9e10..1dad2a94d99e32b6961d5a8add2fc0161048270d 100644 (file)
--- a/rust/src/dns/dns.rs
+++ b/rust/src/dns/dns.rs
@@ -789,6 +789,9 @@ fn probe_header_validity(header: &DNSHeader, rlen: usize) -> (bool, bool, bool)
      }
  
      let is_request = header.flags & 0x8000 == 0;
+    if is_request && header.questions == 0 {
+        return (false, false, false);
+    }
      return (true, is_request, false);
  }
author	Philippe Antoine <pantoine@oisf.net>
	Thu, 3 Oct 2024 13:16:44 +0000 (15:16 +0200)
committer	Victor Julien <victor@inliniac.net>
	Fri, 20 Dec 2024 06:55:46 +0000 (07:55 +0100)