From ad4a8ff7d9097008d7623df8543df435bfddeac8 Mon Sep 17 00:00:00 2001 From: Simon Kelley <simon@thekelleys.org.uk> Date: Thu, 9 Apr 2015 21:48:00 +0100 Subject: [PATCH] Fix crash on receipt of certain malformed DNS requests. --- CHANGELOG | 3 +++ src/rfc1035.c | 9 ++++++--- 2 files changed, 9 insertions(+), 3 deletions(-) rediffed for dnsmasq 2.71 Index: dnsmasq-2.71/CHANGELOG =================================================================== --- CHANGELOG +++ CHANGELOG 2015-05-05 21:54:12.177133071 +0200 @@ -1,3 +1,6 @@ + Fix crash on receipt of certain malformed DNS requests. Thanks + to Nick Sampanis for spotting the problem. + version 2.71 Subtle change to error handling to help DNSSEC validation when servers fail to provide NODATA answers for Index: dnsmasq-2.71/src/rfc1035.c =================================================================== --- src/rfc1035.c +++ src/rfc1035.c 2015-05-05 21:53:15.504450556 +0200 @@ -1198,7 +1198,10 @@ size_t setup_reply(struct dns_header *header, size_t qlen, struct all_addr *addrp, unsigned int flags, unsigned long ttl) { - unsigned char *p = skip_questions(header, qlen); + unsigned char *p; + + if (!(p = skip_questions(header, qlen))) + return 0; /* clear authoritative and truncated flags, set QR flag */ header->hb3 = (header->hb3 & ~(HB3_AA | HB3_TC)) | HB3_QR; @@ -1214,7 +1217,7 @@ SET_RCODE(header, NOERROR); /* empty domain */ else if (flags == F_NXDOMAIN) SET_RCODE(header, NXDOMAIN); - else if (p && flags == F_IPV4) + else if (flags == F_IPV4) { /* we know the address */ SET_RCODE(header, NOERROR); header->ancount = htons(1); @@ -1222,7 +1225,7 @@ add_resource_record(header, NULL, NULL, sizeof(struct dns_header), &p, ttl, NULL, T_A, C_IN, "4", addrp); } #ifdef HAVE_IPV6 - else if (p && flags == F_IPV6) + else if (flags == F_IPV6) { SET_RCODE(header, NOERROR); header->ancount = htons(1);