dns: reject bad response data

diff --git a/src/app-layer-dns-tcp.c b/src/app-layer-dns-tcp.c
index f1cb597d2aef2ad0a97b5dfdeb19ba4ff3eadfc0..9e85ca2981196e3ad86f3d402e8692bb15d2708f 100644 (file)
--- a/src/app-layer-dns-tcp.c
+++ b/src/app-layer-dns-tcp.c
@@ -521,7 +521,9 @@ next_record:
         DNSTcpHeader *dns_tcp_header = (DNSTcpHeader *)input;
         SCLogDebug("DNS %p", dns_tcp_header);
 
-        if (ntohs(dns_tcp_header->len) == (input_len-2)) {
+        if (ntohs(dns_tcp_header->len) == 0) {
+            goto bad_data;
+        } else if (ntohs(dns_tcp_header->len) == (input_len-2)) {
             /* we have all data, so process w/o buffering */
             if (DNSReponseParseData(f, dns_state, input+2, input_len-2) < 0)
                 goto bad_data;