Don't reply to truncated queries

diff --git a/pdns/packethandler.cc b/pdns/packethandler.cc
index 2ed23adc206c35cc250cc7f7abdea716f1980f39..6f5c8a6c528664c372e6acad360689edbedc91de 100644 (file)
--- a/pdns/packethandler.cc
+++ b/pdns/packethandler.cc
@@ -1130,6 +1130,14 @@ DNSPacket *PacketHandler::questionOrRecurse(DNSPacket *p, bool *shouldRecurse)
     return 0;
   }
 
+  if(p->d.tc) { // truncated query. MOADNSParser would silently parse this packet in an incomplete way.
+    if(d_logDNSDetails)
+      L<<Logger::Error<<"Received truncated query packet from "<<p->getRemote()<<", dropping"<<endl;
+    S.inc("corrupt-packets");
+    S.ringAccount("remotes-corrupt", p->d_remote);
+    return 0;
+  }
+
   if (p->hasEDNS() && p->getEDNSVersion() > 0) {
     r = p->replyPacket();
     r->setRcode(16 & 0xF);