dns: fix OOB read on malformed TXT record

diff --git a/src/app-layer-dns-common.c b/src/app-layer-dns-common.c
index 0f4595ac2c845d4244fccf0f9fdcabec124d2a62..8c5bc02affa0850bb0a99003b6e3ba4635798d02 100644 (file)
--- a/src/app-layer-dns-common.c
+++ b/src/app-layer-dns-common.c
@@ -983,6 +983,12 @@ const uint8_t *DNSReponseParse(DNSState *dns_state, const DNSHeader * const dns_
         case DNS_RECORD_TYPE_TXT:
         {
             uint16_t datalen = ntohs(head->len);
+
+            if (datalen == 0) {
+                DNSSetEvent(dns_state, DNS_DECODER_EVENT_MALFORMED_DATA);
+                goto bad_data;
+            }
+
             uint8_t txtlen = *data;
             const uint8_t *tdata = data + 1;