subject:"\[PATCH\] Properly parse uncompressed DNS names"

Re: [PATCH] Properly parse uncompressed DNS names

2014-08-12 Thread Mathias Hasselmann


Ping?

Am 06.08.2014 um 21:55 schrieb Mathias Hasselmann:

Hi,

When parsing uncompressed DNS names the end pointer only must be updated
when encountering a compressed label, or after parsing all uncompressed
labels. Otherwise parse_rr() will interpret the second uncompressed
label as resource record header instead of the bits behind the name
terminating NUL byte.

The attached patch addresses that issue.

Thank you,
Mathias


___
connman mailing list
connman@connman.net
https://lists.connman.net/mailman/listinfo/connman



--
Join us at Qt Developer Days 2014 - October 6 - 8 at BCC, Berlin

Mathias Hasselmann | mathias.hasselm...@kdab.com | Software Engineer
KDAB (Deutschland) GmbHCo KG, a KDAB Group company
Tel. Germany +49-30-521325470, Sweden (HQ) +46-563-540090
KDAB - Qt Experts - Platform-independent software solutions



smime.p7s
Description: S/MIME Cryptographic Signature
___
connman mailing list
connman@connman.net
https://lists.connman.net/mailman/listinfo/connman

Re: [PATCH] Properly parse uncompressed DNS names

2014-08-12 Thread Patrik Flykt

On Wed, 2014-08-06 at 21:55 +0200, Mathias Hasselmann wrote:
 Hi,
 
 When parsing uncompressed DNS names the end pointer only must be updated 
 when encountering a compressed label, or after parsing all uncompressed 
 labels. Otherwise parse_rr() will interpret the second uncompressed 
 label as resource record header instead of the bits behind the name 
 terminating NUL byte.
 
 The attached patch addresses that issue.

Please send patches inline, it's much easier for everybody that way.

That said, there is unfortunately something wrong with the patch. With
current upstream code I can be pretty confident that 'host www
127.0.0.1' returns the proper name and address of the web server. After
testing with your patch it starts to fail with 'host' complaining about
malformed packets.

I think the patch is doing some use case properly as you would not have
sent it otherwise. Can you provide packet traces for loopback and the
uplink interface before and after your changes so that we can figure out
what kind of packets get delivered properly after the fix?

Cheers,

Patrik

___
connman mailing list
connman@connman.net
https://lists.connman.net/mailman/listinfo/connman

Re: [PATCH] Properly parse uncompressed DNS names

2014-08-12 Thread Mathias Hasselmann


Hi Patrik,

Sad to hear that the patch doesn't work for you. Have to take another 
look: Guess while fixing uncompressed labels I've broken the more common 
compressed variant? Anyway. The case fixed is with a (very primitive) 
fallback nameserver that answers questions like this:


  \X53\X0E\X00\X20
  \X00\X01\X00\X00\X00\X00\X00\X01
  \X07connman\X03net\X00\X00\X01\X00\X01
  \X00\X00\X29\X10\X00\X00\X00\X00\X00\X00\X00

or this:

  \X37\X38\X00\X20
  \X00\X01\X00\X00\X00\X00\X00\X01
  \X03106\X0211\X03145\X03198\X07in-addr\X04arpa\X00\X00\X0C\X00\X01
  \X00\X00\X29\X10\X00\X00\X00\X00\X00\X00\X00

with packets like this:

  \x53\x0E\x80\xA0
  \x00\x01\x00\x01\x00\x00\x00\x00
  \x07connman\x03net\x00\x00\x01\x00\x01
  \x07connman\x03net\x00\x00\x01\x00\x01
  \x00\x00\x07\x08\x00\x04\xC6\x91\x0B\x6A

and this:

  \X37\X38\X80\XA0
  \X00\X01\X00\X01\X00\X00\X00\X00
  \X03106\X0211\X03145\X03198\X07in-addr\X04arpa\X00\X00\X0C\X00\X01
  \X03106\X0211\X03145\X03198\X07in-addr\X04arpa\X00\X00\X0C\X00\X01
  \X00\X00\X07\X08\X00\X0D\X07connman\X03net\X00

As you can see the answers' labels are uncompressed instead of just 
pointing to the questions' labels.


Ciao,
Mathias

Am 12.08.2014 um 12:46 schrieb Patrik Flykt:

On Wed, 2014-08-06 at 21:55 +0200, Mathias Hasselmann wrote:

Hi,

When parsing uncompressed DNS names the end pointer only must be updated
when encountering a compressed label, or after parsing all uncompressed
labels. Otherwise parse_rr() will interpret the second uncompressed
label as resource record header instead of the bits behind the name
terminating NUL byte.

The attached patch addresses that issue.


Please send patches inline, it's much easier for everybody that way.

That said, there is unfortunately something wrong with the patch. With
current upstream code I can be pretty confident that 'host www
127.0.0.1' returns the proper name and address of the web server. After
testing with your patch it starts to fail with 'host' complaining about
malformed packets.

I think the patch is doing some use case properly as you would not have
sent it otherwise. Can you provide packet traces for loopback and the
uplink interface before and after your changes so that we can figure out
what kind of packets get delivered properly after the fix?

Cheers,

Patrik

___
connman mailing list
connman@connman.net
https://lists.connman.net/mailman/listinfo/connman



--
Join us at Qt Developer Days 2014 - October 6 - 8 at BCC, Berlin

Mathias Hasselmann | mathias.hasselm...@kdab.com | Software Engineer
KDAB (Deutschland) GmbHCo KG, a KDAB Group company
Tel. Germany +49-30-521325470, Sweden (HQ) +46-563-540090
KDAB - Qt Experts - Platform-independent software solutions



smime.p7s
Description: S/MIME Cryptographic Signature
___
connman mailing list
connman@connman.net
https://lists.connman.net/mailman/listinfo/connman

[PATCH] Properly parse uncompressed DNS names

2014-08-06 Thread Mathias Hasselmann


Hi,

When parsing uncompressed DNS names the end pointer only must be updated 
when encountering a compressed label, or after parsing all uncompressed 
labels. Otherwise parse_rr() will interpret the second uncompressed 
label as resource record header instead of the bits behind the name 
terminating NUL byte.


The attached patch addresses that issue.

Thank you,
Mathias
--
Join us at Qt Developer Days 2014 - October 6 - 8 at BCC, Berlin

Mathias Hasselmann | mathias.hasselm...@kdab.com | Software Engineer
KDAB (Deutschland) GmbHCo KG, a KDAB Group company
Tel. Germany +49-30-521325470, Sweden (HQ) +46-563-540090
KDAB - Qt Experts - Platform-independent software solutions

From ce2bede8c2de445e99262bb66b9effedbf186ced Mon Sep 17 00:00:00 2001
From: Mathias Hasselmann mathias.hasselm...@kdab.com
Date: Wed, 6 Aug 2014 21:47:37 +0200
Subject: [PATCH] Properly parse uncompressed DNS names

When parsing uncompressed DNS names the end pointer only must be updated when
encountering a compressed label, or after parsing all uncompressed labels.
Otherwise parse_rr() will interpret the second uncompressed label as resource
record header instead of the bits behind the name terminating NUL byte.
---
 src/dnsproxy.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/dnsproxy.c b/src/dnsproxy.c
index 7232b98..2de8bdc 100644
--- a/src/dnsproxy.c
+++ b/src/dnsproxy.c
@@ -880,14 +880,14 @@ static int get_name(int counter,
 
 			p += label_len + 1;
 
-			if (!*end)
-*end = p;
-
 			if (p = max)
 return -ENOBUFS;
 		}
 	}
 
+	if (!*end)
+		*end = p + 1;
+
 	return 0;
 }
 
-- 
1.9.1




smime.p7s
Description: S/MIME Cryptographic Signature
___
connman mailing list
connman@connman.net
https://lists.connman.net/mailman/listinfo/connman

Re: [PATCH] Properly parse uncompressed DNS names

Re: [PATCH] Properly parse uncompressed DNS names

Re: [PATCH] Properly parse uncompressed DNS names

[PATCH] Properly parse uncompressed DNS names

4 matches

Site Navigation

Mail list logo

Footer information