* Simplify maxDomainNameWireOctets checking in UnpackDomainName
* Don't return too long name in UnpackDomainName
* Simplify root domain return in UnpackDomainName
* Bail early from UnpackDomainName when name is too long
This drastically reduces the amount of garbage created
in UnpackDomainName for certain malicious names.
The wire formatted name
"\x3Faaabbbcccdddeeefffggghhhiiijjjkkklllmmmnnnooopppqqqrrrssstttuuu\xC0\x00"
would previously generate 1936B of garbage (36112B since maxCompressionPointers
was raised) before returning the "too many compression pointers" error, while
it now generates just 384B of garbage.
* Change +1 budget comment to reflect spec
This better reflects what maxDomainNameWireOctets is actually measuring.
* Remove budget check from after loop in UnpackDomainName
This can never be tripped as budget is always checked immediately after
subtracting inside the loop.
* Improve UnpackDomainName documentation
Generalize the srv.Unsafe and make it pluggeable. Also add a default
accept function that allows to discard malformed DNS messages very early
on. Before we allocate and parse anything furher.
Also re-use the client's message when sending a reply.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Increase the maximum number of allowed compression pointers
* Add a Pack+Unpack test case for many compression pointers
* Clarify maxCompressionPointers comment
* Use range loops in Msg.packBufferWithCompressionMap
* Remove rr set variables in Msg.packBufferWithCompressionMap
* Move Header var down in Msg.packBufferWithCompressionMap
* Move stripTsig comment into Msg.Unpack
* Use map[string]struct{} for compression map in Len
map[string]int requires 8 bytes per entry to store the unused position
information.
* Add MsgLength benchmark with more RRs
* Pass dns.Compress explicitly to packBufferWithCompressionMap
* Avoid creating compression map for question only Msg
This idea was inspired by:
"Skip dname compression for replies with no answers."
https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=235
* Continue compressing multiple questions
* Remove ErrTruncated from the library
ErrTruncated is removed. This (correctly) assume that a truncated
message will be fully formed. Any message that isn't fully formed will
return (most likely) an unpack error.
Any program using ErrTruncated will fail to compile when they update to
this version: this is by design: you're doing it wrong. For checking if
a message was truncated you should checked the msg.Truncated boolean;
assuming the unpack didn't fail.
Fixes#814
Signed-off-by: Miek Gieben <miek@miek.nl>
* Restore tests
Signed-off-by: Miek Gieben <miek@miek.nl>
When packDomainName is called with an escaped domain name and compress
being true, bs wasn't be truncated to the correct length and would
include garbage that would be included in the compression map.
When the dname is found in the compression map and compress is true,
this copy is as it will simply be overwritten later. This could provide
a very slight speedup.
Tom Thorogood
Miek Gieben