From: Grigorii Demidov <grigorii.demidov@nic.cz>
Date: Thu, 28 Jun 2018 12:02:43 +0000 (+0200)
Subject: daemon/worker: upstream's answer integrity check
X-Git-Tag: v2.4.0~2^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=87f8cf428d6904774f3a8cba1179e72cea9938c7;p=thirdparty%2Fknot-resolver.git

daemon/worker: upstream's answer integrity check
---

diff --git a/Makefile b/Makefile
index ad3721093..3948e8346 100644
--- a/Makefile
+++ b/Makefile
@@ -18,7 +18,7 @@ lint-lua: $(patsubst %.lua.in,%.lua,$(wildcard */*/*.lua.in))
 .PHONY: all install check clean doc info lint
 
 # Dependencies
-KNOT_MINVER := 2.6.4
+KNOT_MINVER := 2.6.7
 $(eval $(call find_lib,libknot,$(KNOT_MINVER),yes))
 $(eval $(call find_lib,libdnssec,$(KNOT_MINVER),yes))
 $(eval $(call find_lib,libzscanner,$(KNOT_MINVER),yes))
diff --git a/NEWS b/NEWS
index 3813fee17..c17451671 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,6 @@
 Incompatible changes
 --------------------
-- minimal libknot version is now 2.6.7 to pull in latest fixes
+- minimal libknot version is now 2.6.7 to pull in latest fixes (#366)
 
 Security
 --------
diff --git a/daemon/worker.c b/daemon/worker.c
index b3cb8196d..7adc79c34 100644
--- a/daemon/worker.c
+++ b/daemon/worker.c
@@ -1872,16 +1872,17 @@ static int parse_packet(knot_pkt_t *query)
 
 	/* Parse query packet. */
 	int ret = knot_pkt_parse(query, 0);
-	if (ret != KNOT_EOK) {
-		return kr_error(EPROTO); /* Ignore malformed query. */
-	}
-
-	/* Check if at least header is parsed. */
-	if (query->parsed < query->size) {
-		return kr_error(EMSGSIZE);
+	if (ret == KNOT_ETRAIL) {
+		/* Extra data after message end. */
+		ret = kr_error(EMSGSIZE);
+	} else if (ret != KNOT_EOK) {
+		/* Malformed query. */
+		ret = kr_error(EPROTO);
+	} else {
+		ret = kr_ok();
 	}
 
-	return kr_ok();
+	return ret;
 }
 
 static struct qr_task* find_task(const struct session *session, uint16_t msg_id)
@@ -1918,7 +1919,7 @@ int worker_submit(struct worker_ctx *worker, uv_handle_t *handle,
 	 * or resume if this is subrequest */
 	struct qr_task *task = NULL;
 	if (!session->outgoing) { /* request from a client */
-		/* Ignore badly formed queries or responses. */
+		/* Ignore badly formed queries. */
 		if (!query || ret != 0 || knot_wire_get_qr(query->wire)) {
 			if (query) worker->stats.dropped += 1;
 			return kr_error(EILSEQ);
@@ -1941,6 +1942,11 @@ int worker_submit(struct worker_ctx *worker, uv_handle_t *handle,
 		}
 		addr = NULL;
 	} else if (query) { /* response from upstream */
+		if ((ret != kr_ok() && ret != kr_error(EMSGSIZE)) ||
+		    !knot_wire_get_qr(query->wire)) {
+			/* Ignore badly formed responses. */
+			return kr_error(EILSEQ);
+		}
 		task = find_task(session, knot_wire_get_id(query->wire));
 		if (task == NULL) {
 			return kr_error(ENOENT);