auth: Treat requestor's payload size lower than 512 as equal to 512

author Remi Gacogne <remi.gacogne@powerdns.com>

Thu, 7 Sep 2017 07:43:53 +0000 (09:43 +0200)

committer Pieter Lexis <pieter.lexis@powerdns.com>

Tue, 7 Nov 2017 20:26:05 +0000 (21:26 +0100)
author Remi Gacogne <remi.gacogne@powerdns.com>
Thu, 7 Sep 2017 07:43:53 +0000 (09:43 +0200)
committer Pieter Lexis <pieter.lexis@powerdns.com>
Tue, 7 Nov 2017 20:26:05 +0000 (21:26 +0100)
diff --git a/pdns/dnspacket.cc b/pdns/dnspacket.cc

index e1583ca342314b88f8e0c920fc05c55a47280b1c..66f73a5e04cf7c3a29004bec9c77011efac572c8 100644 (file)
--- a/pdns/dnspacket.cc
+++ b/pdns/dnspacket.cc
@@ -559,7 +559,10 @@ try
  
    if(getEDNSOpts(mdp, &edo)) {
      d_haveednssection=true;
-    d_maxreplylen=std::min(edo.d_packetsize, s_udpTruncationThreshold);
+    /* rfc6891 6.2.3:
+       "Values lower than 512 MUST be treated as equal to 512."
+    */
+    d_maxreplylen=std::min(std::max(static_cast<uint16_t>(512), edo.d_packetsize), s_udpTruncationThreshold);
  //    cerr<<edo.d_Z<<endl;
      if(edo.d_Z & EDNSOpts::DNSSECOK)
        d_dnssecOk=true;
author	Remi Gacogne <remi.gacogne@powerdns.com>
	Thu, 7 Sep 2017 07:43:53 +0000 (09:43 +0200)
committer	Pieter Lexis <pieter.lexis@powerdns.com>
	Tue, 7 Nov 2017 20:26:05 +0000 (21:26 +0100)