Use more specific error codes for invalid packets.

In particular, truncated packets without the TC flag set (non-compliant
server sending too large packets) now fail with EOVERFLOW instead of EINVAL,
so the TCP fallback mechanism can work.

feedback and ok krw@ jca@ benno@

1 files changed, 15 insertions, 4 deletions

diff --git a/lib/libc/asr/res_send_async.c b/lib/libc/asr/res_send_async.c
index b75253c101e..4be5731c8e0 100644
--- a/lib/libc/asr/res_send_async.c
+++ b/lib/libc/asr/res_send_async.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: res_send_async.c,v 1.31 2017/02/18 19:23:05 jca Exp $	*/
+/*	$OpenBSD: res_send_async.c,v 1.32 2017/02/18 22:25:13 eric Exp $	*/
 /*
  * Copyright (c) 2012 Eric Faurot <eric@openbsd.org>
  *
@@ -715,7 +715,8 @@ validate_packet(struct asr_query *as)
 	}
 
 	/* Check for truncation */
-	if (h.flags & TC_MASK) {
+	if (h.flags & TC_MASK && !(as->as_ctx->ac_options & RES_IGNTC)) {
+		DPRINT("truncated\n");
 		errno = EOVERFLOW;
 		return (-1);
 	}
@@ -724,8 +725,18 @@ validate_packet(struct asr_query *as)
 	for (r = h.ancount + h.nscount + h.arcount; r; r--)
 		_asr_unpack_rr(&p, &rr);
 
-	if (p.err || (p.offset != as->as.dns.ibuflen))
-		goto inval;
+	/* Report any error found when unpacking the RRs. */
+	if (p.err) {
+		DPRINT("unpack: %s\n", strerror(p.err));
+		errno = p.err;
+		return (-1);
+	}
+
+	if (p.offset != as->as.dns.ibuflen) {
+		DPRINT("trailing garbage\n");
+		errno = EMSGSIZE;
+		return (-1);
+	}
 
 	return (0);