Check the length of TCP queries

There is no point in trying to parse queries whose length
is < sizeof(dnsheader).

diff --git a/pdns/dnsdist-tcp.cc b/pdns/dnsdist-tcp.cc
index a69c0ae72833f2aada20a8f19e1e614366666dc9..a24680b852138445a43411bd1fd0d644aa0a3a85 100644 (file)
--- a/pdns/dnsdist-tcp.cc
+++ b/pdns/dnsdist-tcp.cc
@@ -146,7 +146,12 @@ void* tcpClientThread(int pipefd)
       for(;;) {      
         if(!getNonBlockingMsgLen(ci.fd, &qlen, g_tcpRecvTimeout))
           break;
-        
+
+        if (qlen < sizeof(dnsheader)) {
+          g_stats.nonCompliantQueries++;
+          break;
+        }
+
         char query[qlen];
         readn2WithTimeout(ci.fd, query, qlen, g_tcpRecvTimeout);
        uint16_t qtype;