Pi-Hole/dnsmasq
1
0
Fork 0
mirror of https://github.com/pi-hole/dnsmasq.git synced 2025-12-19 10:18:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix CVE-2017-13704, which resulted in a crash on a large DNS query.

Browse Source 
A DNS query recieved by UDP which exceeds 512 bytes (or the EDNS0 packet size,
if different.) is enough to cause SIGSEGV.
This commit is contained in:
Simon Kelley
2017-09-06 22:34:21 +01:00
parent 69a815aa8f
commit 63437ffbb5
4 changed files with 15 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/rfc1035.c
View File

@@ -1223,11 +1223,6 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
struct mx_srv_record *rec;
size_t len;
/* Clear buffer beyond request to avoid risk of
information disclosure. */
memset(((char *)header) + qlen, 0,
(limit - ((char *)header)) - qlen);
if (ntohs(header->ancount) != 0 ||
ntohs(header->nscount) != 0 ||
ntohs(header->qdcount) == 0 ||