Handle malformed query packets sensibly.

Previously, hash_questions() would return a random hash
if the packet was malformed, and probably the hash of a previous
query. Now handle this as an error.
Simon Kelley
2022-01-09 23:21:55 +00:00
parent 8cfcd9ff63
commit 1033130b6c
2 changed files with 49 additions and 33 deletions


@@ -55,7 +55,7 @@ unsigned char *hash_questions(struct dns_header *header, size_t plen, char *name
char *cp, c;
if (!extract_name(header, plen, &p, name, 1, 4))
break; /* bad packet */
return NULL; /* bad packet */
for (cp = name; (c = *cp); cp++)
if (c >= 'A' && c <= 'Z')
@@ -67,7 +67,7 @@ unsigned char *hash_questions(struct dns_header *header, size_t plen, char *name
p += 4;
if (!CHECK_LEN(header, p, plen, 0))
break; /* bad packet */
return NULL; /* bad packet */
}
hash->digest(ctx, hash->digest_size, digest);
@@ -109,7 +109,7 @@ unsigned char *hash_questions(struct dns_header *header, size_t plen, char *name
char *cp, c;
if (!extract_name(header, plen, &p, name, 1, 4))
break; /* bad packet */
return NULL; /* bad packet */
for (cp = name; (c = *cp); cp++)
if (c >= 'A' && c <= 'Z')
@@ -121,7 +121,7 @@ unsigned char *hash_questions(struct dns_header *header, size_t plen, char *name
p += 4;
if (!CHECK_LEN(header, p, plen, 0))
break; /* bad packet */
return NULL; /* bad packet */
}
sha256_final(&ctx, digest);
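Review bot: The `return NULL; /* bad packet */` paths after both the extract_name() and CHECK_LEN() checks give hash_questions() a failure return that nothing in these hunks documents, and a caller that hands the result straight to a comparison or copy would dereference NULL. I would add a header comment above each of the two definitions, for example `/* Returns NULL if the packet is malformed; callers must check before using the digest. */`. The callers are not in the lines shown here (presumably they are in the other changed file), so it is worth confirming that each one tests for NULL and drops the query. The early return also skips the finalisation call (`hash->digest(...)` / `sha256_final(...)`), which is harmless only if the context is re-initialised on every entry; the function starts outside these hunks, so that cannot be confirmed from this view.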