dnsmasq: backport validation fix in dnssec security fix

A DNSSEC validation error was introduced in the fix for CVE-2017-15107 Backport the upstream fix to the fix (a simple typo) Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
author: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> 2018-01-20 08:46:28 +0000
committer: Jo-Philipp Wich <jo@mein.io> 2018-01-20 14:22:39 +0100
commit: adaf1cbcc8b253ea807dbe0416b4b04c33dceadf (patch)
tree: 970eab721ae24f7c6b479be1616a1a6949c155de /package/network/services/dnsmasq/patches
parent: a3198061f80a7f3933810cd99206b085e4cf49f9 (diff)
download: upstream-adaf1cbcc8b253ea807dbe0416b4b04c33dceadf.tar.gz
upstream-adaf1cbcc8b253ea807dbe0416b4b04c33dceadf.tar.bz2
upstream-adaf1cbcc8b253ea807dbe0416b4b04c33dceadf.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/package/network/services/dnsmasq/patches/270-dnssec-wildcards.patch b/package/network/services/dnsmasq/patches/270-dnssec-wildcards.patch
index 029e7ea7af..d13ac2cbad 100644
--- a/package/network/services/dnsmasq/patches/270-dnssec-wildcards.patch
+++ b/package/network/services/dnsmasq/patches/270-dnssec-wildcards.patch
@@ -160,7 +160,7 @@ in a domain which includes a wildcard for NSEC.
 +		       int type_covered;
 +		       unsigned char *psav = p1;
 +		       
-+		       if (rdlen < 18)
++		       if (rdlen1 < 18)
 +			 return 0; /* bad packet */
 +
 +		       GETSHORT(type_covered, p1);
author	Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>	2018-01-20 08:46:28 +0000
committer	Jo-Philipp Wich <jo@mein.io>	2018-01-20 14:22:39 +0100
commit	adaf1cbcc8b253ea807dbe0416b4b04c33dceadf (patch)
tree	970eab721ae24f7c6b479be1616a1a6949c155de /package/network/services/dnsmasq/patches
parent	a3198061f80a7f3933810cd99206b085e4cf49f9 (diff)
download	upstream-adaf1cbcc8b253ea807dbe0416b4b04c33dceadf.tar.gz upstream-adaf1cbcc8b253ea807dbe0416b4b04c33dceadf.tar.bz2 upstream-adaf1cbcc8b253ea807dbe0416b4b04c33dceadf.zip