Fix CVE-2017-13704, which resulted in a crash on a large DNS query.

A DNS query received by UDP which exceeds 512 bytes (or the EDNS0 packet size,
if different) is enough to cause SIGSEGV.
Simon Kelley
2017-09-06 22:34:21 +01:00
parent 69a815aa8f
commit 63437ffbb5
4 changed files with 15 additions and 10 deletions

@@ -119,11 +119,6 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
struct cname *a, *candidate;
unsigned int wclen;
/* Clear buffer beyond request to avoid risk of
information disclosure. */
memset(((char *)header) + qlen, 0,
(limit - ((char *)header)) - qlen);
if (ntohs(header->qdcount) == 0 || OPCODE(header) != QUERY )
return 0;
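
Review bot: The memset at the top of answer_auth() is dropped here (the hunk header shows 11 lines becoming 6), and nothing in the visible lines still clears the bytes between qlen and limit, so the information-disclosure guard described in the removed comment needs a bounded replacement elsewhere on the reply path. The removed length, (limit - ((char *)header)) - qlen, goes negative and wraps to a very large size_t whenever qlen is greater than the buffer size, which fits the SIGSEGV named in the commit message. Wherever the clearing now lives, it should compare qlen against limit - (char *)header before calling memset, and the commit message would be clearer if it named that length underflow as the root cause.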