From 144d4ad1d4bd520108c655a23de60a4c6463812b Mon Sep 17 00:00:00 2001
From: David Cermak <cermak@espressif.com>
Date: Thu, 20 Jun 2019 14:12:15 +0200
Subject: [PATCH] mdns: fix ignoring mdns packet with some invalid name entries
 in question field

In case of invalid name entry, only this entry is invalidated and parsing continues as other query entries could contain questions to be responded to


* Original commit: espressif/esp-idf@4bd4c7caf3f9ef8402c5a27ab44561537407eb60
---
 components/mdns/mdns.c                         | 9 +++++----
 components/mdns/private_include/mdns_private.h | 1 +
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/components/mdns/mdns.c b/components/mdns/mdns.c
index 97156194e..92909e2de 100644
--- a/components/mdns/mdns.c
+++ b/components/mdns/mdns.c
@@ -174,7 +174,7 @@ static const uint8_t * _mdns_read_fqdn(const uint8_t * packet, const uint8_t * s
     size_t index = 0;
     while (start[index]) {
         if (name->parts == 4) {
-            return NULL;
+            name->invalid = true;
         }
         uint8_t len = start[index++];
         if (len < 0xC0) {
@@ -195,7 +195,7 @@ static const uint8_t * _mdns_read_fqdn(const uint8_t * packet, const uint8_t * s
                 strlcat(name->host, buf, sizeof(name->host));
             } else if (strcasecmp(buf, MDNS_SUB_STR) == 0) {
                 name->sub = 1;
-            } else {
+            } else if (!name->invalid) {
                 char* mdns_name_ptrs[]={name->host, name->service, name->proto, name->domain};
                 memcpy(mdns_name_ptrs[name->parts++], buf, len+1);
             }
@@ -2316,6 +2316,7 @@ static const uint8_t * _mdns_parse_fqdn(const uint8_t * packet, const uint8_t *
     name->service[0] = 0;
     name->proto[0] = 0;
     name->domain[0] = 0;
+    name->invalid = false;
 
     static char buf[MDNS_NAME_BUF_LEN];
 
@@ -2323,7 +2324,7 @@ static const uint8_t * _mdns_parse_fqdn(const uint8_t * packet, const uint8_t *
     if (!next_data) {
         return 0;
     }
-    if (!name->parts) {
+    if (!name->parts || name->invalid) {
         return next_data;
     }
     if (name->parts == 3) {
@@ -2621,7 +2622,7 @@ void mdns_parse_packet(mdns_rx_packet_t * packet)
             clas &= 0x7FFF;
             content = content + 4;
 
-            if (clas != 0x0001) {//bad class
+            if (clas != 0x0001 || name->invalid) {//bad class or invalid name for this question entry
                 continue;
             }
 
diff --git a/components/mdns/private_include/mdns_private.h b/components/mdns/private_include/mdns_private.h
index e3becf28f..ed7e89cb8 100644
--- a/components/mdns/private_include/mdns_private.h
+++ b/components/mdns/private_include/mdns_private.h
@@ -184,6 +184,7 @@ typedef struct {
     char domain[MDNS_NAME_BUF_LEN];
     uint8_t parts;
     uint8_t sub;
+    bool    invalid;
 } mdns_name_t;
 
 typedef struct mdns_parsed_question_s {