From 984e87d8e98cc298976dee1d08a42559c55c8a70 Mon Sep 17 00:00:00 2001 From: Kevin Bracey Date: Fri, 5 May 2017 11:33:14 +0300 Subject: [PATCH] NSAPI - Don't send trailing garbage in DNS queries Observed during investigation of https://github.com/ARMmbed/mbed-os/issues/4246 - DNS queries sent the entire buffer, not just the bit filled in. Inefficient, especially for 6LoWPAN, and a security hole - the trailing data could be previously-used heap. --- features/netsocket/nsapi_dns.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/features/netsocket/nsapi_dns.cpp b/features/netsocket/nsapi_dns.cpp index 4e1970a266..4f95771702 100644 --- a/features/netsocket/nsapi_dns.cpp +++ b/features/netsocket/nsapi_dns.cpp @@ -227,7 +227,7 @@ static nsapi_size_or_error_t nsapi_dns_query_multiple(NetworkStack *stack, const uint8_t *question = packet; dns_append_question(&question, host, version); - err = socket.sendto(SocketAddress(dns_servers[i], 53), packet, DNS_BUFFER_SIZE); + err = socket.sendto(SocketAddress(dns_servers[i], 53), packet, question - packet); // send may fail for various reasons, including wrong address type - move on if (err < 0) { continue;