DNS AM: add a bit of defensive programming

This fixes #4090

scapy/layers/dns.py

@@ -1259,12 +1259,36 @@ def is_request(self, req):
     def make_reply(self, req):
         if IPv6 in req:
             resp = IPv6(dst=req[IPv6].src, src=self.src_ip6)
-        else:
+        elif IP in req:
             resp = IP(dst=req[IP].src, src=self.src_ip)
-        resp /= UDP(sport=req.dport, dport=req.sport)
+        else:
+            warning("No IP or IPv6 layer in %s", req.command())
+            return
+        try:
+            resp /= UDP(sport=req[UDP].dport, dport=req[UDP].sport)
+        except IndexError:
+            warning("No UDP layer in %s", req.command(), exc_info=True)
+            return
         ans = []
-        req = req.getlayer(self.cls)
-        for rq in req.qd:
+        try:
+            req = req[self.cls]
+        except IndexError:
+            warning(
+                "No %s layer in %s",
+                self.cls.__name__,
+                req.command(),
+                exc_info=True,
+            )
+            return
+        try:
+            queries = req.qd
+        except AttributeError:
+            warning("No qd attribue in %s", req.command(), exc_info=True)
+            return
+        for rq in queries:
+            if isinstance(rq, Raw):
+                warning("Cannot parse qd element %s", rq.command(), exc_info=True)
+                continue
             if rq.qtype in [1, 28]:
                 # A or AAAA
                 if rq.qtype == 28:

test/answering_machines.uts

@@ -73,6 +73,13 @@ test_am(DNS_am,
         check_DNS_am_reply,
         joker="192.168.1.1")
 
+assert DNS_am().make_reply(Ether()) is None
+assert DNS_am().make_reply(Ether()/IP()) is None
+assert DNS_am().make_reply(Ether()/IP()/UDP()) is None
+assert DNS_am().make_reply(
+    Ether()/IP()/UDP()/DNS(b'q\xa04\x00\x00\xa0\x01\x00\xf3\x00\x01\x04\x01y')
+) is None
+
 = DHCPv6_am - Basic Instantiaion
 ~ osx netaccess
 a = DHCPv6_am()