ArduinoMDNS
MDNS is not safe against malformed or short packets
The buffer is allocated according to the size of the packet:
https://github.com/arduino-libraries/ArduinoMDNS/blob/00ed2b61b1bfcc602bf26a4dd2be2b176aa1241d/MDNS.cpp#L532
- but the buffer is accessed based apparently upon the number of queries in the packet header
- and the buffer is accessed and offsets are increased without ensuring that the end of the buffer is not overrun
- therefore, it is trivial to cause a denial of service on ArduinoMDNS devices with malformed UDP packets, causing illegal instruction accesses
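
The missing check described above, as an added example that is not ArduinoMDNS code: a question-section walk in which every read and offset advance is validated against the received length, so a header count larger than the payload is rejected instead of followed. The names `cursor_t`, `read_u16`, `skip_name`, `mdns_check_questions` and `sample_bad` are hypothetical, and the sample packet is constructed.

```c
#include <stddef.h>
#include <stdint.h>

/* Cursor over a received UDP payload; invariant: pos <= len. */
typedef struct { const uint8_t *buf; size_t len, pos; } cursor_t;

/* Read a big-endian u16; -1 if fewer than 2 bytes remain. */
static int read_u16(cursor_t *c, uint16_t *out) {
    if (c->len - c->pos < 2) return -1;
    *out = (uint16_t)((c->buf[c->pos] << 8) | c->buf[c->pos + 1]);
    c->pos += 2;
    return 0;
}

/* Skip one DNS name; every advance is checked against len. */
static int skip_name(cursor_t *c) {
    for (;;) {
        if (c->pos >= c->len) return -1;
        uint8_t l = c->buf[c->pos];
        if ((l & 0xC0) == 0xC0) {  /* compression pointer: 2 bytes, ends the name */
            if (c->len - c->pos < 2) return -1;
            c->pos += 2;
            return 0;
        }
        if (l & 0xC0) return -1;   /* reserved label type */
        c->pos += 1;
        if (l == 0) return 0;      /* root label ends the name */
        if (c->len - c->pos < l) return -1;
        c->pos += l;
    }
}

/* Walk header and question section; return question count, or -1 if malformed. */
int mdns_check_questions(const uint8_t *pkt, size_t len) {
    cursor_t c = { pkt, len, 0 };
    uint16_t h[6], qtype, qclass;  /* h[2] is QDCOUNT, taken from the untrusted packet */
    for (int i = 0; i < 6; i++)
        if (read_u16(&c, &h[i])) return -1;
    for (uint16_t q = 0; q < h[2]; q++)
        if (skip_name(&c) || read_u16(&c, &qtype) || read_u16(&c, &qclass)) return -1;
    return (int)h[2];
}

/* Constructed sample: one question for "foo.local", but the header claims 5. */
static const uint8_t sample_bad[] = { 0,0, 0,0, 0,5, 0,0, 0,0, 0,0,
    3,'f','o','o', 5,'l','o','c','a','l',0, 0,1, 0,1 };

int main(void) { return mdns_check_questions(sample_bad, sizeof sample_bad) == -1 ? 0 : 1; }
```

Running a check like this before any record is processed lets the caller drop a malformed or short packet without touching memory past the allocation.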