guard dns_id assignment against zero, fall back to 1 when getrandom

gasbytes · danielinux · commit fbc7556c21df · 2026-03-27T12:04:24.000+01:00
truncation results to zero
diff --git a/src/test/unit/unit.c b/src/test/unit/unit.c
@@ -677,6 +677,7 @@ Suite *wolf_suite(void)
     tcase_add_test(tc_proto, test_regression_dns_rcode_error_aborts_query);
     tcase_add_test(tc_proto, test_regression_udp_checksum_zero_substituted_with_ffff);
     tcase_add_test(tc_proto, test_regression_last_ack_rejects_out_of_window_segment);
+    tcase_add_test(tc_proto, test_regression_dns_id_never_zero);
 
     tcase_add_test(tc_utils, test_transport_checksum);
     tcase_add_test(tc_utils, test_iphdr_set_checksum);
diff --git a/src/test/unit/unit_tests_proto.c b/src/test/unit/unit_tests_proto.c
@@ -4426,5 +4426,32 @@ START_TEST(test_regression_last_ack_rejects_out_of_window_segment)
 }
 END_TEST
 
+/* dns_id is assigned from wolfIP_getrandom() which can truncate to 0.
+ * Zero is the sentinel for "no query active," so a zero dns_id breaks
+ * the re-entry guard, disables retransmission, and puts a predictable
+ * transaction ID on the wire. */
+START_TEST(test_regression_dns_id_never_zero)
+{
+    struct wolfIP s;
+    uint16_t id = 0;
+
+    wolfIP_init(&s);
+    mock_link_init(&s);
+    s.dns_server = 0x08080808U;
+
+    /* Force wolfIP_getrandom to return 0 */
+    test_rand_override_enabled = 1;
+    test_rand_override_value = 0;
+
+    ck_assert_int_eq(dns_send_query(&s, "example.com", &id, DNS_A), 0);
+
+    /* dns_id must never be zero even when the RNG returns zero */
+    ck_assert_uint_ne(s.dns_id, 0);
+    ck_assert_uint_ne(id, 0);
+
+    test_rand_override_enabled = 0;
+}
+END_TEST
+
 
 /* ----------------------------------------------------------------------- */
diff --git a/src/wolfip.c b/src/wolfip.c
@@ -6747,7 +6747,9 @@ static int dns_send_query(struct wolfIP *s, const char *dname, uint16_t *id,
             return -1;
         wolfIP_register_callback(s, s->dns_udp_sd, dns_callback, s);
     }
-    s->dns_id = wolfIP_getrandom();
+    s->dns_id = (uint16_t)(wolfIP_getrandom() & 0xFFFF);
+    if (s->dns_id == 0)
+        s->dns_id = 1;
     *id = s->dns_id;
     memset(buf, 0, 512);
     s->dns_query_type = (qtype == DNS_PTR) ? DNS_QUERY_TYPE_PTR : DNS_QUERY_TYPE_A;
