From: Patrik Flykt <[email protected]>

Check also that the first part of the name is not of zero length.
---

This experimental patch adds debugging information and extra length checking
for the first returned name element.

A tcpdump of the DNS query-responses would be important to have in order to
analyze the problem correctly.

Cheers,

        Patrik & Jukka


 src/dnsproxy.c |   25 ++++++++++++++++++++-----
 1 file changed, 20 insertions(+), 5 deletions(-)

diff --git a/src/dnsproxy.c b/src/dnsproxy.c
index 9b20ebc..554a104 100644
--- a/src/dnsproxy.c
+++ b/src/dnsproxy.c
@@ -1579,6 +1579,9 @@ static int ns_resolv(struct server_data *server, struct 
request_data *req,
                        alt[1] = req_len & 0xff;
                }
 
+               DBG("req %p id 0x%04x altid 0x%04x", req, req->dstid,
+                               req->altid);
+
                err = send(sk, alt, req->request_len + domlen, MSG_NOSIGNAL);
                if (err < 0)
                        return -EIO;
@@ -1609,7 +1612,8 @@ static int forward_dns_reply(unsigned char *reply, int 
reply_len, int protocol,
        if (req == NULL)
                return -EINVAL;
 
-       DBG("id 0x%04x rcode %d", hdr->id, hdr->rcode);
+       DBG("req %p dns id 0x%04x id 0x%04x altid 0x%04x rcode %d",
+                       req, hdr->id, req->dstid, req->altid, hdr->rcode);
 
        ifdata = req->ifdata;
 
@@ -1625,17 +1629,26 @@ static int forward_dns_reply(unsigned char *reply, int 
reply_len, int protocol,
                 * remove it before forwarding the reply.
                 */
                if (req->append_domain == TRUE) {
+                       unsigned int domain_len = 0;
                        unsigned char *ptr;
                        uint8_t host_len;
-                       unsigned int domain_len;
+                       unsigned int header_len;
 
                        /*
                         * ptr points to the first char of the hostname.
                         * ->hostname.domain.net
                         */
-                       ptr = reply + offset + sizeof(struct domain_hdr);
+                       header_len = offset + sizeof(struct domain_hdr);
+                       ptr = reply + header_len;
                        host_len = *ptr;
-                       domain_len = strlen((const char *)ptr + host_len + 1);
+                       if (host_len > 0)
+                               domain_len = strnlen((const char *)ptr + 1 +
+                                               host_len,
+                                               reply_len - header_len);
+
+
+                       DBG("header len %d host len %d domain len %d",
+                                       header_len, host_len, domain_len);
 
                        /*
                         * Remove the domain name and replace it by the end
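Review bot: The bound passed to `strnlen` is too large, and `host_len = *ptr` is read before anything checks that `header_len` lies inside the reply. The scan starts at `ptr + 1 + host_len` but may run for `reply_len - header_len` bytes, so on a reply with no NUL terminator it can read up to `host_len + 1` bytes past the end of the buffer; and because `header_len` is unsigned, a reply shorter than `header_len` makes the subtraction wrap to a very large limit. I would validate the lengths first and subtract the first label as well, as in the fence below; the `-EINVAL` return mirrors the one earlier in the function, but any cleanup needed on that path is outside the hunk and should be confirmed. `header_len` and `domain_len` are unsigned, so the new `DBG` should use `%u` rather than `%d`. forward_dns_reply starts and ends outside this hunk.

```c
header_len = offset + sizeof(struct domain_hdr);
if (reply_len < 0 || header_len >= (unsigned int)reply_len)
        return -EINVAL;
ptr = reply + header_len;
host_len = *ptr;
/* Only scan when the whole first label lies inside the reply. */
if (host_len > 0 &&
                header_len + 1 + host_len < (unsigned int)reply_len)
        domain_len = strnlen((const char *)ptr + 1 + host_len,
                        reply_len - header_len - 1 - host_len);
/* … unchanged: DBG of the three lengths … */
```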
@@ -1655,7 +1668,7 @@ static int forward_dns_reply(unsigned char *reply, int 
reply_len, int protocol,
                                 */
                                memmove(ptr + host_len + 1,
                                        ptr + host_len + domain_len + 1,
-                                       reply_len - (ptr - reply + domain_len));
+                                       reply_len - header_len - domain_len);
 
                                reply_len = reply_len - domain_len;
                        }
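Review bot: The `memmove` length still counts `host_len + 1` bytes that are not there: the source starts at `ptr + host_len + domain_len + 1`, so only `reply_len - header_len - host_len - 1 - domain_len` bytes remain before the end of the reply, and the new expression `reply_len - header_len - domain_len` is numerically the same as the one it replaces. As written the copy appears to read `host_len + 1` bytes past the reply buffer. I would change the third argument to `reply_len - header_len - host_len - 1 - domain_len`, and because the operands mix `int` and `unsigned int`, confirm beforehand that the result cannot wrap. The condition guarding this block is outside the hunk.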
@@ -1668,6 +1681,8 @@ static int forward_dns_reply(unsigned char *reply, int 
reply_len, int protocol,
                if (req->resp == NULL)
                        return -ENOMEM;
 
+               DBG("req %p reply len %d", req, reply_len);
+
                memcpy(req->resp, reply, reply_len);
                req->resplen = reply_len;
 
-- 
1.7.10.4
