[automerger] Make dnsmasq more stable. am: f25df86146 am: 284fd86f87 am: 31b84030c5 am: d774c6e919 am: 52450e4dde am: 054c9876ff

Change-Id: Ifd6d2fb0386fa093885e5490960a071f01410879
author: Lorenzo Colitti <lorenzo@google.com> 2017-08-15 06:10:41 +0000
committer: Lorenzo Colitti <lorenzo@google.com> 2017-08-15 06:10:41 +0000
commit: d766eb677ebb0d9fd5a14fc58314272f6464b38a (patch)
tree: 51857a8e3fdb733c19c1e060b9969836d727728e
parent: b955ca6befab20bc858dcaa6dc1f7f081725f2ac (diff)
parent: 054c9876ffd007ea316f1e3390c79516c1997464 (diff)
download: dnsmasq-d766eb677ebb0d9fd5a14fc58314272f6464b38a.tar.gz
1 files changed, 4 insertions, 1 deletions
diff --git a/src/rfc1035.c b/src/rfc1035.c
index ca5ceba..a12c3b0 100755
--- a/src/rfc1035.c
+++ b/src/rfc1035.c
@@ -48,7 +48,7 @@ static int extract_name(HEADER *header, size_t plen, unsigned char **pp,
 	/* end marker */
 	{
 	  /* check that there are the correct no of bytes after the name */
-	  if (!CHECK_LEN(header, p, plen, extrabytes))
+	  if (!CHECK_LEN(header, p1 ? p1 : p, plen, extrabytes))
 	    return 0;
 	  
 	  if (isExtract)
@@ -1140,6 +1140,9 @@ size_t answer_request(HEADER *header, char *limit, size_t qlen,
   struct crec *crecp;
   int nxdomain = 0, auth = 1, trunc = 0;
   struct mx_srv_record *rec;
+
+  // Make sure we do not underflow here too.
+  if (qlen > (limit - ((char *)header))) return 0;
  
   /* If there is an RFC2671 pseudoheader then it will be overwritten by
      partial replies, so we have to do a dry run to see if we can answer
author	Lorenzo Colitti <lorenzo@google.com>	2017-08-15 06:10:41 +0000
committer	Lorenzo Colitti <lorenzo@google.com>	2017-08-15 06:10:41 +0000
commit	d766eb677ebb0d9fd5a14fc58314272f6464b38a (patch)
tree	51857a8e3fdb733c19c1e060b9969836d727728e
parent	b955ca6befab20bc858dcaa6dc1f7f081725f2ac (diff)
parent	054c9876ffd007ea316f1e3390c79516c1997464 (diff)
download	dnsmasq-d766eb677ebb0d9fd5a14fc58314272f6464b38a.tar.gz