[CVE-2015-8899] Fix crash when empty address from DNS overlays A record from hosts

Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash)
via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.

- CVE: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8899
- Patch: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=41a8d9e99be9f2cc8b02051dd322cb45e0faac87

Change-Id: If86a54c0696fea852bb9bc2f8aeece6bd6bb1598
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>

diff --git a/src/cache.c b/src/cache.c
index 178d654..1b76b67 100644 (file)
--- a/src/cache.c
+++ b/src/cache.c
@@ -481,7 +481,7 @@ struct crec *cache_insert(char *name, struct all_addr *addr,
         existing record is for an A or AAAA and
         the record we're trying to insert is the same, 
         just drop the insert, but don't error the whole process. */
-      if ((flags & (F_IPV4 | F_IPV6)) && (flags & F_FORWARD))
+      if ((flags & (F_IPV4 | F_IPV6)) && (flags & F_FORWARD) && addr)
        {
          if ((flags & F_IPV4) && (new->flags & F_IPV4) &&
              new->addr.addr.addr.addr4.s_addr == addr->addr.addr4.s_addr)