community
/
dns
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add some more checks

This commit is contained in:
Miek Gieben 2014-04-05 08:06:49 +01:00
parent a211645d0a
commit abe6de223d
2 changed files with 19 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
msg.go
View File

@ -976,7 +976,7 @@ func unpackStructValue(val reflect.Value, msg []byte, off int) (off1 int, err er
if off == rdend { if off == rdend {
break break
} }
if off+net.IPv6len > rdend { if off+net.IPv6len > rdend || off+net.IPv6len > lenmsg {
return lenmsg, &Error{err: "overflow unpacking aaaa"} return lenmsg, &Error{err: "overflow unpacking aaaa"}
} }
fv.Set(reflect.ValueOf(net.IP{msg[off], msg[off+1], msg[off+2], msg[off+3], msg[off+4], fv.Set(reflect.ValueOf(net.IP{msg[off], msg[off+1], msg[off+2], msg[off+3], msg[off+4],
@ -988,6 +988,9 @@ func unpackStructValue(val reflect.Value, msg []byte, off int) (off1 int, err er
serv := make([]uint16, 0) serv := make([]uint16, 0)
j := 0 j := 0
for off < rdend { for off < rdend {
if off+1 > lenmsg {
return lenmsg, &Error{err: "overflow unpacking wks"}
}
b := msg[off] b := msg[off]
// Check the bits one by one, and set the type // Check the bits one by one, and set the type
if b&0x80 == 0x80 { if b&0x80 == 0x80 {
@ -1023,7 +1026,7 @@ func unpackStructValue(val reflect.Value, msg []byte, off int) (off1 int, err er
break break
} }
// Rest of the record is the type bitmap // Rest of the record is the type bitmap
if off+2 > rdend { if off+2 > rdend || off+2 > lenmsg {
return lenmsg, &Error{err: "overflow unpacking nsecx"} return lenmsg, &Error{err: "overflow unpacking nsecx"}
} }
nsec := make([]uint16, 0) nsec := make([]uint16, 0)
@ -1037,15 +1040,18 @@ func unpackStructValue(val reflect.Value, msg []byte, off int) (off1 int, err er
// A length window of zero is strange. If there // A length window of zero is strange. If there
// the window should not have been specified. Bail out // the window should not have been specified. Bail out
// println("dns: length == 0 when unpacking NSEC") // println("dns: length == 0 when unpacking NSEC")
return lenmsg, ErrRdata return lenmsg, &Error{err: "overflow unpacking nsecx"}
} }
if length > 32 { if length > 32 {
return lenmsg, ErrRdata return lenmsg, &Error{err: "overflow unpacking nsecx"}
} }
// Walk the bytes in the window - and check the bit settings... // Walk the bytes in the window - and check the bit settings...
off += 2 off += 2
for j := 0; j < length; j++ { for j := 0; j < length; j++ {
if off+j+1 > lenmsg {
return lenmsg, &Error{err: "overflow unpacking nsecx"}
}
b := msg[off+j] b := msg[off+j]
// Check the bits one by one, and set the type // Check the bits one by one, and set the type
if b&0x80 == 0x80 { if b&0x80 == 0x80 {

15
parse_test.go
View File

@ -1115,11 +1115,14 @@ func TestTxtLong(t *testing.T) {
} }
} }
func TestMalformedPacket1(t *testing.T) { func TestMalformedPackets(t *testing.T) {
packet := "00441553000000010000000000010563646e6a730a636c6f7564666c61726503636f6d0363646e0a636c6f7564666c617265036e657400001c00010000291000000080000000" var packets = []string{
data, _ := hex.DecodeString(packet) "0021641c000000010000000000000b757361706f6f6c70726f7303636f6d0000100001",
}
// This crashes godns for _, packet := range packets {
var msg Msg data, _ := hex.DecodeString(packet)
msg.Unpack(data) var msg Msg
msg.Unpack(data)
}
} }