Commit Diff
Diff:
8d900a068a631f95de25634e6c0944790dbf279c
1faaf617da3f19a30b7f3f39d8286045a6bcb48d
Commit:
1faaf617da3f19a30b7f3f39d8286045a6bcb48d
Tree:
01780b0b401ac13cf878f8645b3106790762d6ee
Author:
pjp <pjp@delphinusdns.org>
Committer:
pjp <pjp@delphinusdns.org>
Date:
Fri Dec 27 07:57:33 2019 UTC
Message:
additional.c: when there is no more room for a additional_rrsig() in additional_nsec3() don't reply a best effort, it messes up things, instead return 0 here to indicate that additional_nsec3() failed. reply.c: extra length checks in reply_nxdomain() and reply_noerror() to make sure that we truncate when going over a a replylen.
blob - ba873b1da91b674b5d1d1edff70cf277932ef621
blob + 2d2bc738633eca5cb555a05fdf5592971cc1cc6c
--- additional.c
+++ additional.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: additional.c,v 1.32 2019/12/11 16:22:26 pjp Exp $
+ * $Id: additional.c,v 1.33 2019/12/27 07:57:33 pjp Exp $
*/
#include <sys/types.h>
@@ -926,7 +926,7 @@ additional_nsec3(char *name, int namelen, int inttype,
tmplen = additional_rrsig(name, namelen, DNS_TYPE_NSEC3, rbt, reply, replylen, offset, 0);
if (tmplen == 0) {
- goto out;
+ return 0;
}
offset = tmplen;
blob - e64f86124071041f9aaabd1ae9a2eb4654a897e6
blob + 885755ae336dce8fbe5852c5b6526184631655a1
--- reply.c
+++ reply.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: reply.c,v 1.97 2019/12/04 16:58:47 pjp Exp $
+ * $Id: reply.c,v 1.98 2019/12/27 07:57:33 pjp Exp $
*/
#include <sys/types.h>
@@ -4683,6 +4683,17 @@ reply_nxdomain(struct sreply *sreply, ddDB *db)
} /* if (find_rr(... DNS_TYPE_NSEC3PARAM) */
}
+ if (replysize < outlen) {
+ NTOHS(odh->query);
+ SET_DNS_TRUNCATION(odh);
+ HTONS(odh->query);
+ odh->answer = 0;
+ odh->nsrr = 0;
+ odh->additional = 0;
+ outlen = rollback;
+ goto out;
+ }
+
out:
if (q->edns0len) {
/* tag on edns0 opt record */
@@ -5309,6 +5320,17 @@ reply_noerror(struct sreply *sreply, ddDB *db)
if (outlen > origlen)
odh->nsrr = htons(4);
+ }
+
+ if (replysize < outlen) {
+ NTOHS(odh->query);
+ SET_DNS_TRUNCATION(odh);
+ HTONS(odh->query);
+ odh->answer = 0;
+ odh->nsrr = 0;
+ odh->additional = 0;
+ outlen = rollback;
+ goto out;
}
out:
repomaster@centroid.eu