From 2fdd75c6332d57c8ac5cc6d70d6289065d236fe6 Mon Sep 17 00:00:00 2001
From: Brad House
Date: Thu, 25 Jan 2024 21:19:01 -0500
Subject: [PATCH] clusterfuzz: enforce maximum DNS packet size due to long parser time

---
 src/lib/ares_dns_parse.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/lib/ares_dns_parse.c b/src/lib/ares_dns_parse.c
index da26ffdc..4e3fd40c 100644
--- a/src/lib/ares_dns_parse.c
+++ b/src/lib/ares_dns_parse.c
@@ -1128,6 +1128,11 @@ static ares_status_t ares_dns_parse_buf(ares__buf_t *buf, unsigned int flags,
     return ARES_EFORMERR;
   }
 
+  /* Maximum DNS packet size is 64k, even over TCP */
+  if (ares__buf_len(buf) > 0xFFFF) {
+    return ARES_EFORMERR;
+  }
+
   /* All communications inside of the domain protocol are carried in a single
    * format called a message. The top level format of message is divided
    * into 5 sections (some of which are empty in certain cases) shown below:
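Review bot: The new comment on the `ares__buf_len(buf) > 0xFFFF` check states the limit but not why it is a hard bound or why it lives in the parser, which is the security-relevant part given the commit's stated motivation of long parser time on oversized fuzz input; I would expand it to `/* RFC 1035 4.2.2: TCP messages carry a 16-bit length prefix, so no legitimate message exceeds 65535 bytes. Reject larger buffers before any parsing so the work an attacker can force per packet stays bounded. */`. The bare `0xFFFF` is a magic number that the parser's length-prefix code elsewhere presumably also relies on, so a named constant shared by both sites would keep the two in agreement; I am inferring that second use, it is not visible in this hunk. The check is placed correctly ahead of the message parse, and returning ARES_EFORMERR matches the preceding early-return style. ares_dns_parse_buf begins and ends outside the hunk.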