From 8044a5d265fe78ba5b27efe92277a0f0ced2ad16 Mon Sep 17 00:00:00 2001
From: Christian Hofstaedtler <christian@hofstaedtler.name>
Date: Mon, 12 Oct 2015 12:14:21 +0200
Subject: [PATCH] Don't reply to truncated queries

---
 pdns/packethandler.cc | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/pdns/packethandler.cc b/pdns/packethandler.cc
index e92eb0521..6d2383cfa 100644
--- a/pdns/packethandler.cc
+++ b/pdns/packethandler.cc
@@ -996,6 +996,14 @@ DNSPacket *PacketHandler::questionOrRecurse(DNSPacket *p, bool *shouldRecurse)
     return 0;
   }
 
+  if(p->d.tc) { // truncated query. MOADNSParser would silently parse this packet in an incomplete way.
+    if(d_logDNSDetails)
+      L<<Logger::Error<<"Received truncated query packet from "<<p->getRemote()<<", dropping"<<endl;
+    S.inc("corrupt-packets");
+    S.ringAccount("remotes-corrupt", p->getRemote());
+    return 0;
+  }
+
   if (p->hasEDNS() && p->getEDNSVersion() > 0) {
     r = p->replyPacket();
     r->setRcode(16 & 0xF);
-- 
2.40.0