From d1f56c9a0110805c4a5f3afba2990556cb74ec8b Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Wed, 22 May 2019 20:07:45 +0200 Subject: [PATCH] BUG/MEDIUM: dns: make the port numbers unsigned Mustafa Yildirim reported in Discourse that ports >32767 advertised in SRV records are wrong. Given the high value they definitely correspond to a sign extension of a negative number. The cause was indeed that the port is declared as a signed int in the dns_answer_item structure, and Lukas confirmed in github issue #103 that turning it to unsigned addresses the issue. It is worth noting that there are other such fields in this structure that don't look right (ttl, priority, class, type) and that someone should audit this part to be certain they are properly typed. This fix must be backported to 1.9 and likely to 1.8 as well. --- include/types/dns.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/types/dns.h b/include/types/dns.h index 81cd6d260..5a60c0708 100644 --- a/include/types/dns.h +++ b/include/types/dns.h @@ -146,7 +146,7 @@ struct dns_answer_item { int32_t ttl; /* response TTL */ int16_t priority; /* SRV type priority */ uint16_t weight; /* SRV type weight */ - int16_t port; /* SRV type port */ + uint16_t port; /* SRV type port */ uint16_t data_len; /* number of bytes in target below */ struct sockaddr address; /* IPv4 or IPv6, network format */ char target[DNS_MAX_NAME_SIZE+1]; /* Response data: SRV or CNAME type target */
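Review bot: `int16_t priority; /* SRV type priority */`, two lines above the changed `port` field in `struct dns_answer_item`, keeps the same signed 16-bit type that caused this bug. SRV priority is an unsigned 16-bit value on the wire (RFC 2782), so priorities above 32767 would be sign-extended in the same way ports were. Suggest changing it to `uint16_t priority;` in this patch or in an immediate follow-up, rather than leaving it to the audit the commit message mentions. The `int32_t ttl` field in the same context should also get an explicit decision on how values with the top bit set are handled. Because this is marked for backport to 1.9 and 1.8, it is worth confirming in each branch that code reading `port` does not store it in a signed 16-bit temporary or compare it against a negative sentinel, since those uses would not be fixed by the header change alone.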