* Limit $GENERATE range to 65535 steps
Having these checks means all test in TestCrasherString() are not
reached because we bail out earlier - removed that test all together.
Fixes#1019
Signed-off-by: Miek Gieben <miek@miek.nl>
* bring back testcase
Signed-off-by: Miek Gieben <miek@miek.nl>
* bring back crash test
Signed-off-by: Miek Gieben <miek@miek.nl>
* [scan] fix crashers when parsing comment
When dealing with comments the parsers was potentially incrementing comi
variable twice. During the second access to com[], comi was possibly
longer than maxTok, causing an out of bound error:
panic: runtime error: index out of range [2048] with length 2048
* * Keep only 1 crasher test string.
* move tests from scan_test.go to fuzz_test.go
* [fuzz] Fix crashes when parsing GENERATE
Running the fuzzer on NewRR, some crashes came up that could be
prevented by checking that the token after the range is a Blank.
This diff checks that and return an error when the blank is not found.
* * s/Expect blank /garbage /
* get rid of if/else
One of the test from DNS Compliance testing validates that if the opcode
is not supported, a NOTIMPL rcode is returned.
e0884144dd/genreport.c (L293)
This diff makes the default acceptfunc support this case and reply with
NOTIMPL instead of FORMERR.
* Merge setRR into ZoneParser.Next
* Remove file argument from RR.parse
This was only used to fill in the ParseError file field. Instead we now
fill in that field in ZoneParser.Next.
* Move dynamic update check out of RR.parse
This consolidates all the dynamic update checks into one place.
* Check for unexpected newline before parsing RR data
* Move rr.parse call into if-statement
* Allow dynamic updates for TKEY and RFC3597 records
* Document that ParseError file field is unset from parse
* Inline allowDynamicUpdate into ZoneParser.Next
* Improve and simplify TestUnexpectedNewline
Both NSEC and NSEC3 use the same logic to pack the bitmap.
CSYNC.pack also appear to make use of `packDataNsec` so I am giving it
the same treatment by moving the logic in a helper function and making
all those types `len` call use that function.
This follows BIND9 and removed support for the DSA family of algorithms.
Any DNSSEC implementation should consider those zones using it,
insecure.
Signed-off-by: Miek Gieben <miek@miek.nl>
This removes RSAMD5 as an algorithm you can use. BIND also has
deprecated *all* DSA algos which is more involved can removes more
helper codes as well, so that should be done in a new PR.
See #968
Signed-off-by: Miek Gieben <miek@miek.nl>
The byte sequence, when Unpack()-ed and subsequential Pack()-ed created a
panic: runtime error: slice bounds out of range
github.com/miekg/dns.(*Msg).packBufferWithCompressionMap(0xc0000d4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x14, 0x14e80b, 0xbf2d4654d501a3c8, ...)
/Users/chantra/go/src/github.com/miekg/dns/msg.go:868 +0x13a8
Confirmed that Unpacking/Repacking payload described in TestCrashNSEC
did not raise a slice bound out of range panic, added unittests which
failed prior to this change.
```
go test -run TestCrashNSEC
--- FAIL: TestCrashNSEC (0.00s)
types_test.go:135: expected length of 19, got 12
FAIL
exit status 1
FAIL github.com/miekg/dns 0.067s
```
* Call SetTsig() Msg `r` if q.IsTsig() != nil to enable TSIG on AXFR.
* Add tests for xfr.go
* Fix data race condition setting server.TsigSecret
* Test cleanup: xfr_test.go
* Xfr Test cleanup: use exported `IsDuplicate()`, len(xfrTestData)
The function is called Truncate, not Scrub (that was the old name).
Updated the function's documentation to rename this.
Signed-off-by: Miek Gieben <miek@miek.nl>
Previously it was possible for two different questions to hit the same
single in flight entry if the type or class isn't in the relevant
XToString map. This could happen for a proxy server or similar.
Miek Gieben
chantra
Richard Gibson
Charlie Vieth
Tom Thorogood
Tiago Ilieve
Frank Olbricht
Yaroslav Kolomiiets
Pepijnvi
Nick McKinney