From 70542e525b343c3341fb1b8ef7ffe886916f73cd Mon Sep 17 00:00:00 2001
From: Adam
Date: Sun, 19 Apr 2015 21:57:38 -0400
Subject: Fail invalid dns responses instead of drop
---
 src/coremods/core_dns.cpp | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)
 (limited to 'src')
diff --git a/src/coremods/core_dns.cpp b/src/coremods/core_dns.cpp
index 01e911efb..da468af5f 100644
--- a/src/coremods/core_dns.cpp
+++ b/src/coremods/core_dns.cpp
@@ -497,6 +497,7 @@ class MyManager : public Manager, public Timer, public EventHandler
 case ERROR_NOT_AN_ANSWER:
 case ERROR_NONSTANDARD_QUERY:
 case ERROR_FORMAT_ERROR:
+ case ERROR_MALFORMED:
 return "Malformed answer";
 case ERROR_SERVER_FAILURE:
 case ERROR_NOT_IMPLEMENTED:
@@ -539,17 +540,19 @@ class MyManager : public Manager, public Timer, public EventHandler
 }
 Packet recv_packet;
+ bool valid = false;
 try
 {
 recv_packet.Fill(buffer, length);
+ valid = true;
 }
 catch (Exception& ex)
 {
 ServerInstance->Logs->Log(MODNAME, LOG_DEBUG, ex.GetReason());
- return;
 }
+ // recv_packet.id must be filled in here
 DNS::Request* request = this->requests[recv_packet.id];
 if (request == NULL)
 {
@@ -564,14 +567,20 @@ class MyManager : public Manager, public Timer, public EventHandler
 return;
 }
- if (recv_packet.flags & QUERYFLAGS_OPCODE)
+ if (!valid)
+ {
+ ServerInstance->stats.DnsBad++;
+ recv_packet.error = ERROR_MALFORMED;
+ request->OnError(&recv_packet);
+ }
+ else if (recv_packet.flags & QUERYFLAGS_OPCODE)
 {
 ServerInstance->Logs->Log(MODNAME, LOG_DEBUG, "Received a nonstandard query");
 ServerInstance->stats.DnsBad++;
 recv_packet.error = ERROR_NONSTANDARD_QUERY;
 request->OnError(&recv_packet);
 }
- else if (recv_packet.flags & QUERYFLAGS_RCODE)
+ else if (!(recv_packet.flags & QUERYFLAGS_QR) || (recv_packet.flags & QUERYFLAGS_RCODE))
 {
 Error error = ERROR_UNKNOWN;
-- cgit v1.2.3
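Review bot: The lookup `this->requests[recv_packet.id]` now also runs after `Fill()` has thrown, and the new comment only asserts that `recv_packet.id` is set by then; nothing in the hunk guarantees it. If `Fill()` can throw before it reads the id (for example on a datagram shorter than the DNS header), the lookup uses whatever value `Packet` starts with, and the `!valid` branch in the next hunk could then fail a pending request that the datagram never named. `Fill()` and the `Packet` constructor are outside the hunk, so this needs confirming there; if it holds, keep the early `return;` in the catch block for that case and reword the comment to `// recv_packet.id is valid only if Fill() got past the header before throwing`. The enclosing function starts and ends outside the hunk.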
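Review bot: The new `!(recv_packet.flags & QUERYFLAGS_QR)` test is folded into the RCODE branch, which starts from `Error error = ERROR_UNKNOWN;`, so a packet that is not a response and carries a zero RCODE would presumably be reported to the caller as an unknown error (the rest of that branch is outside the hunk). `ERROR_NOT_AN_ANSWER` already exists and is mapped in the first hunk; a separate branch placed ahead of this one, `else if (!(recv_packet.flags & QUERYFLAGS_QR))` setting `recv_packet.error = ERROR_NOT_AN_ANSWER;` before `request->OnError(&recv_packet);`, would report the condition accurately and count it in `DnsBad` like the other malformed cases. The `!valid` branch would also benefit from a short comment such as `// reason already logged by the catch block above`, since it is the only error branch here without its own log line.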