Malformed DNS packets crash FreeRTOS+TCP

While testing a PIC32 port for FreeRTOS+TCP, I’ve been using Zenmap (part of the Nmap suite) as a quick way of generating a lot of random flavoured packets quickly. After fixing my own code enough to create the illusion of stability, I discovered bad DNS packets can result in ‘bad things happening’. This is because the counted byte fields are not checked to see if they go out of bounds while parsing which results in a GPF in extreme cases. I have patched FreeRTOS_DNS.c to keep track of buffer remaining while parsing progresses. This has at least kept the microcontroller alive against a battery of tests for the last few days. Are the code modifications useful to anyone, or is this bug report sufficient? Thanks.

Malformed DNS packets crash FreeRTOS+TCP

Hi John, thanks for taking the time to report this. I would be grateful if you could attached the patched file to a post so we can investigate further.

Malformed DNS packets crash FreeRTOS+TCP

Apologies for the delay. Please find attached the modified file.

Malformed DNS packets crash FreeRTOS+TCP

Thanks John. I will check your extra checks on de DNS packets 🙂