Re: [LEDE-DEV] [PATCH] dnsmasq: forward.c: fix CVE-2017-13704

On Tue, Aug 29, 2017 at 3:29 PM, Kevin Darbyshire-Bryant wrote: > Fix SIGSEGV in rfc1035.c answer_request() line 1228 where memset() > is called with header & limit pointing at the same address and thus > tries to clear memory from before the buffer begins. > >

[LEDE-DEV] [PATCH] dnsmasq: forward.c: fix CVE-2017-13704

Fix SIGSEGV in rfc1035.c answer_request() line 1228 where memset() is called with header & limit pointing at the same address and thus tries to clear memory from before the buffer begins. answer_request() is called with an invalid edns packet size provided by the client. Ensure the udp_size