Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Fix hang in DNS analyzer with malformed packet

Browse source 
(cherry picked from commit dfc9f77b68f6d02d059ade322b9c132e32c26872)
This commit is contained in:
Tim Wojtulewicz 2022-05-27 14:23:04 -07:00
parent 41aa8b2349
commit 9964a46402
4 changed files with 22 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

16
src/analyzer/protocol/dns/DNS.cc
View file

@ -236,6 +236,11 @@ bool DNS_Interpreter::ParseAnswer(detail::DNS_MsgInfo* msg, const u_char*& data,
analyzer->Weird("DNS_truncated_RR_rdlength_lt_len");
return false;
}
else if ( rdlength == 0 && len > 0 )
{
analyzer->Weird("DNS_zero_rdlength");
return false;
}
bool status;
switch ( msg->atype )
@ -690,8 +695,9 @@ bool DNS_Interpreter::ParseRR_EDNS(detail::DNS_MsgInfo* msg, const u_char*& data
analyzer->EnqueueConnEvent(dns_EDNS_addl, analyzer->ConnVal(), msg->BuildHdrVal(),
msg->BuildEDNS_Val());
// parse EDNS options
while ( len > 0 )
// parse EDNS options. length has to be at least 4 to parse out the option
// code and length.
while ( len >= 4 )
{
uint16_t option_code = ExtractShort(data, len);
int option_len = ExtractShort(data, len);
@ -891,6 +897,12 @@ bool DNS_Interpreter::ParseRR_EDNS(detail::DNS_MsgInfo* msg, const u_char*& data
}
}
if ( len > 0 )
{
analyzer->Weird("EDNS_truncated_option");
return false;
}
return true;
}