From: Christian Hofstaedtler <christian@hofstaedtler.name>
Date: Mon, 12 Oct 2015 10:14:21 +0000 (+0200)
Subject: Don't reply to truncated queries
X-Git-Tag: dnsdist-1.0.0-alpha1~242
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=43b504051e7156e818081ff302ec17eef6980ac5;p=pdns

Don't reply to truncated queries
---

diff --git a/pdns/packethandler.cc b/pdns/packethandler.cc
index 2ed23adc2..6f5c8a6c5 100644
--- a/pdns/packethandler.cc
+++ b/pdns/packethandler.cc
@@ -1130,6 +1130,14 @@ DNSPacket *PacketHandler::questionOrRecurse(DNSPacket *p, bool *shouldRecurse)
     return 0;
   }
 
+  if(p->d.tc) { // truncated query. MOADNSParser would silently parse this packet in an incomplete way.
+    if(d_logDNSDetails)
+      L<<Logger::Error<<"Received truncated query packet from "<<p->getRemote()<<", dropping"<<endl;
+    S.inc("corrupt-packets");
+    S.ringAccount("remotes-corrupt", p->d_remote);
+    return 0;
+  }
+
   if (p->hasEDNS() && p->getEDNSVersion() > 0) {
     r = p->replyPacket();
     r->setRcode(16 & 0xF);