From 388d01a345a4cfa6d1e9b544899c48326b61ca5b Mon Sep 17 00:00:00 2001
From: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com>
Date: Tue, 15 Nov 2022 16:29:10 +0100
Subject: DNS: fix an infinite loop, due to an integer overflow (#1804)

Found by sydr-fuzz
Close #1803
---
 src/lib/protocols/dns.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/lib/protocols/dns.c b/src/lib/protocols/dns.c
index 7c1cbca44..ff0ac846a 100644
--- a/src/lib/protocols/dns.c
+++ b/src/lib/protocols/dns.c
@@ -477,7 +477,7 @@ static void ndpi_search_dns(struct ndpi_detection_module_struct *ndpi_struct, st
 
     /* Before continuing let's dissect the following queries to see if they are valid */
     for(idx=off, num_queries=0; (num_queries < dns_header.num_queries) && (idx < packet->payload_packet_len);) {
-      u_int16_t i, tot_len = 0;
+      u_int32_t i, tot_len = 0;
 
       for(i=idx; i<packet->payload_packet_len;) {
 	u_int8_t is_ptr = 0, name_len = packet->payload[i]; /* Lenght of the individual name blocks aaa.bbb.com */
-- 
cgit v1.2.3