From bcb6819715c87c85e0485ff6b9bed725420459a4 Mon Sep 17 00:00:00 2001
From: goldsimon <goldsimon@gmx.de>
Date: Tue, 13 Feb 2018 12:23:50 +0100
Subject: [PATCH] dns_compare_name: change check for u16_t overflow

check upper border (0xFFFF) instead of checking for 0 after overflow
---
 src/core/dns.c | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/src/core/dns.c b/src/core/dns.c
index cfb64f53..e966ab87 100644
--- a/src/core/dns.c
+++ b/src/core/dns.c
@@ -649,10 +649,12 @@ dns_compare_name(const char *query, struct pbuf *p, u16_t start_offset)
   u16_t response_offset = start_offset;
 
   do {
-    n = pbuf_try_get_at(p, response_offset++);
-    if ((n < 0) || (response_offset == 0)) {
+    n = pbuf_try_get_at(p, response_offset);
+    if ((n < 0) || (response_offset == 0xFFFF)) {
+      /* error or overflow */
       return 0xFFFF;
     }
+    response_offset++;
     /** @see RFC 1035 - 4.1.4. Message compression */
     if ((n & 0xc0) == 0xc0) {
       /* Compressed name: cannot be equal since we don't send them */
@@ -667,10 +669,11 @@ dns_compare_name(const char *query, struct pbuf *p, u16_t start_offset)
         if ((*query) != (u8_t)c) {
           return 0xFFFF;
         }
-        ++response_offset;
-        if (response_offset == 0) {
+        if (response_offset == 0xFFFF) {
+          /* would overflow */
           return 0xFFFF;
         }
+        response_offset++;
         ++query;
         --n;
       }
@@ -683,6 +686,7 @@ dns_compare_name(const char *query, struct pbuf *p, u16_t start_offset)
   } while (n != 0);
 
   if (response_offset == 0xFFFF) {
+    /* would overflow */
     return 0xFFFF;
   }
   return (u16_t)(response_offset + 1);