From 20270fad396935fd72ea2569cc0650c0ab09ffb8 Mon Sep 17 00:00:00 2001
From: liuxueli <liuxueli@iie.ac.cn>
Date: Fri, 3 Dec 2021 10:57:44 +0300
Subject: TSG-8786:
 DNS应答资源记录中rdlength为空且未对rdata置空，构造应答资源记录字段时访问非法内存导致SAPP重启
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/dns.cpp | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'src/dns.cpp')

diff --git a/src/dns.cpp b/src/dns.cpp
index c77f37a..0b958fc 100644
--- a/src/dns.cpp
+++ b/src/dns.cpp
@@ -212,7 +212,7 @@ int get_rr_str2json(cJSON *object, dns_info_t *dns_info, int *dns_sec)
 			cJSON_AddNumberToObject(one_rr_object, "rdlength", dns_rr->rdlength);
 		}
 
-		if(dns_rr->rdata.a==NULL)
+		if(dns_rr->rdata.a==NULL || dns_rr->rdlength==0)
 		{
 			cJSON_AddItemToArray(dns_rr_array, one_rr_object);
 			continue;
@@ -1801,6 +1801,7 @@ int parse_resource_record(struct streaminfo *a_stream, dns_info_t *dns_info, cha
 
 		if(dns_info->rr[i].rdlength==0)
 		{
+			memset(dns_info->rr[i].rdata.cname, 0, sizeof(dns_info->rr[i].rdata.cname));
 			continue;
 		}
 		
-- 
cgit v1.2.3