From: Ian Jackson <ijackson@chiark.greenend.org.uk>
Date: Sun, 24 May 2020 17:16:07 +0000 (+0100)
Subject: If server sends answer with TC set via TCP, bail
X-Git-Tag: adns-1.5.2~3
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=adns.git;a=commitdiff_plain;h=6806be4a5c5213094502d8fd0bc5a76cc0d256f8

If server sends answer with TC set via TCP, bail

We shouldn't use the answer; it's corrupted.  But we don't have a
recovery strategy either.

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
---

diff --git a/src/reply.c b/src/reply.c
index ca0de2f..fbe4c95 100644
--- a/src/reply.c
+++ b/src/reply.c
@@ -370,6 +370,11 @@ void adns__procdgram(adns_state ads, const byte *dgram, int dglen,
     adns__query_fail(qu,adns_s_invalidresponse);
     return;
   }
+  if (qu->flags & adns_qf_usevc) {
+    adns__diag(ads,serv,qu,"server sent datagram with TC over TCP");
+    adns__query_fail(qu,adns_s_invalidresponse);
+    return;
+  }
   qu->flags |= adns_qf_usevc;
   
  x_restartquery: