Prevent possible OOB read in DNS reply parsing

This commit is contained in:
emanuele-f 2024-08-15 13:58:47 +02:00
parent 308de20cc7
commit c4331be97a

View File

@ -657,6 +657,9 @@ static void process_dns_reply(pd_conn_t *data, pcapdroid_t *pd, const struct zdt
uint16_t addr_len = ntohs((*(uint16_t*)(reply + 8)));
reply += 10; len -= 10;
if (len < addr_len)
return;
if((rec_type == 0x1) && (addr_len == 4)) { // A record
ipver = 4;
rsp_addr.ip4 = *((u_int32_t*)reply);