« back to all changes in this revision
Viewing changes to src/rfc1035.c
- browse files at revision 11
- compare with another revision
- download diff
- download tarball
- view history from revision 11
- Committer: Bazaar Package Importer
- Author(s): Simon Kelley
- Date: 2009-02-07 19:25:23 UTC
- mfrom: (10.1.3 sid)
- Revision ID: james.westby@ubuntu.com-20090207192523-zut5qet639v1httx
* Fix bashism in init script. (closes: #514397)
* Tweak logging in init script.
* Tweak logging in init script.
added
removed
src/rfc1035.c
1
/* dnsmasq is Copyright (c) 2000-2007 Simon Kelley
1
/* dnsmasq is Copyright (c) 2000-2009 Simon Kelley
2
2
3
3
This program is free software; you can redistribute it and/or modify
4
4
it under the terms of the GNU General Public License as published by
10
10
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11
11
GNU General Public License for more details.
12
12
13
You should have received a copy of the GNU General Public License
14
along with this program. If not, see <http://www.gnu.org/licenses/>.
13
You should have received a copy of the GNU General Public License
14
along with this program. If not, see <http://www.gnu.org/licenses/>.
15
15
*/
16
16
17
17
#include "dnsmasq.h"
21
21
unsigned long ttl, unsigned int *offset, unsigned short type,
22
22
unsigned short class, char *format, ...);
23
23
24
#define CHECK_LEN(header, pp, plen, len) \
25
((size_t)((pp) - (unsigned char *)(header) + (len)) <= (plen))
26
27
#define ADD_RDLEN(header, pp, plen, len) \
28
(!CHECK_LEN(header, pp, plen, len) ? 0 : (long)((pp) += (len)), 1)
29
24
30
static int extract_name(HEADER *header, size_t plen, unsigned char **pp,
25
char *name, int isExtract)
31
char *name, int isExtract, int extrabytes)
26
32
{
27
33
unsigned char *cp = (unsigned char *)name, *p = *pp, *p1 = NULL;
28
34
unsigned int j, l, hops = 0;
31
37
if (isExtract)
32
38
*cp = 0;
33
39
34
while ((l = *p++))
35
{
36
unsigned int label_type = l & 0xc0;
40
while (1)
41
{
42
unsigned int label_type;
43
44
if (!CHECK_LEN(header, p, plen, 1))
45
return 0;
46
47
if ((l = *p++) == 0)
48
/* end marker */
49
{
50
/* check that there are the correct no of bytes after the name */
51
if (!CHECK_LEN(header, p, plen, extrabytes))
52
return 0;
53
54
if (isExtract)
55
{
56
if (cp != (unsigned char *)name)
57
cp--;
58
*cp = 0; /* terminate: lose final period */
59
}
60
else if (*cp != 0)
61
retvalue = 2;
62
63
if (p1) /* we jumped via compression */
64
*pp = p1;
65
else
66
*pp = p;
67
68
return retvalue;
69
}
70
71
label_type = l & 0xc0;
72
37
73
if (label_type == 0xc0) /* pointer */
38
74
{
39
if ((size_t)(p - (unsigned char *)header) >= plen)
75
if (!CHECK_LEN(header, p, plen, 1))
40
76
return 0;
41
77
42
78
/* get offset */
43
79
l = (l&0x3f) << 8;
44
80
l |= *p++;
45
if (l >= plen)
46
return 0;
47
81
48
82
if (!p1) /* first jump, save location to go back to */
49
83
p1 = p;
74
108
/* output is \[x<hex>/siz]. which is digs+9 chars */
75
109
if (cp - (unsigned char *)name + digs + 9 >= MAXDNAME)
76
110
return 0;
77
if ((size_t)(p - (unsigned char *)header + ((count-1)>>3)) >= plen)
111
if (!CHECK_LEN(header, p, plen, (count-1)>>3))
78
112
return 0;
79
113
80
114
*cp++ = '\\';
98
132
{ /* label_type = 0 -> label. */
99
133
if (cp - (unsigned char *)name + l + 1 >= MAXDNAME)
100
134
return 0;
101
if ((size_t)(p - (unsigned char *)header) >= plen)
135
if (!CHECK_LEN(header, p, plen, l))
102
136
return 0;
137
103
138
for(j=0; j<l; j++, p++)
104
139
if (isExtract)
105
140
{
132
167
else if (*cp != 0 && *cp++ != '.')
133
168
retvalue = 2;
134
169
}
135
136
if ((unsigned int)(p - (unsigned char *)header) >= plen)
137
return 0;
138
}
139
140
if (isExtract)
141
{
142
if (cp != (unsigned char *)name)
143
cp--;
144
*cp = 0; /* terminate: lose final period */
145
}
146
else if (*cp != 0)
147
retvalue = 2;
148
149
if (p1) /* we jumped via compression */
150
*pp = p1;
151
else
152
*pp = p;
153
154
return retvalue;
170
}
155
171
}
156
172
157
173
/* Max size of input string (for IPv6) is 75 chars.) */
261
277
return 0;
262
278
}
263
279
264
static unsigned char *skip_name(unsigned char *ansp, HEADER *header, size_t plen)
280
static unsigned char *skip_name(unsigned char *ansp, HEADER *header, size_t plen, int extrabytes)
265
281
{
266
282
while(1)
267
283
{
268
unsigned int label_type = (*ansp) & 0xc0;
284
unsigned int label_type;
269
285
270
if ((unsigned int)(ansp - (unsigned char *)header) >= plen)
286
if (!CHECK_LEN(header, ansp, plen, 1))
271
287
return NULL;
272
288
289
label_type = (*ansp) & 0xc0;
290
273
291
if (label_type == 0xc0)
274
292
{
275
293
/* pointer for compression. */
283
301
/* Extended label type */
284
302
unsigned int count;
285
303
304
if (!CHECK_LEN(header, ansp, plen, 2))
305
return NULL;
306
286
307
if (((*ansp++) & 0x3f) != 1)
287
308
return NULL; /* we only understand bitstrings */
288
309
296
317
else
297
318
{ /* label type == 0 Bottom six bits is length */
298
319
unsigned int len = (*ansp++) & 0x3f;
320
321
if (!ADD_RDLEN(header, ansp, plen, len))
322
return NULL;
323
299
324
if (len == 0)
300
325
break; /* zero length label marks the end. */
301
302
ansp += len;
303
326
}
304
327
}
328
329
if (!CHECK_LEN(header, ansp, plen, extrabytes))
330
return NULL;
305
331
306
332
return ansp;
307
333
}
313
339
314
340
for (q = ntohs(header->qdcount); q != 0; q--)
315
341
{
316
if (!(ansp = skip_name(ansp, header, plen)))
342
if (!(ansp = skip_name(ansp, header, plen, 4)))
317
343
return NULL;
318
344
ansp += 4; /* class and type */
319
345
}
320
if ((unsigned int)(ansp - (unsigned char *)header) > plen)
321
return NULL;
322
346
323
347
return ansp;
324
348
}
329
353
330
354
for (i = 0; i < count; i++)
331
355
{
332
if (!(ansp = skip_name(ansp, header, plen)))
356
if (!(ansp = skip_name(ansp, header, plen, 10)))
333
357
return NULL;
334
358
ansp += 8; /* type, class, TTL */
335
359
GETSHORT(rdlen, ansp);
336
if ((unsigned int)(ansp + rdlen - (unsigned char *)header) > plen)
360
if (!ADD_RDLEN(header, ansp, plen, rdlen))
337
361
return NULL;
338
ansp += rdlen;
339
362
}
340
363
341
364
return ansp;
355
378
356
379
for (q = ntohs(header->qdcount); q != 0; q--)
357
380
{
358
if (!extract_name(header, plen, &p, name, 1))
381
if (!extract_name(header, plen, &p, name, 1, 4))
359
382
return crc; /* bad packet */
360
383
361
384
for (p1 = (unsigned char *)name; *p1; p1++)
381
404
}
382
405
383
406
p += 4;
384
if ((unsigned int)(p - (unsigned char *)header) > plen)
407
if (!CHECK_LEN(header, p, plen, 0))
385
408
return crc; /* bad packet */
386
409
}
387
410
393
416
{
394
417
unsigned char *ansp = skip_questions(header, plen);
395
418
419
/* if packet is malformed, just return as-is. */
396
420
if (!ansp)
397
return 0;
421
return plen;
398
422
399
423
if (!(ansp = skip_section(ansp, ntohs(header->ancount) + ntohs(header->nscount) + ntohs(header->arcount),
400
424
header, plen)))
401
return 0;
425
return plen;
402
426
403
427
/* restore pseudoheader */
404
428
if (pheader && ntohs(header->arcount) == 0)
432
456
{
433
457
for (i = ntohs(header->qdcount); i != 0; i--)
434
458
{
435
if (!(ansp = skip_name(ansp, header, plen)))
459
if (!(ansp = skip_name(ansp, header, plen, 4)))
436
460
return NULL;
437
461
438
462
GETSHORT(type, ansp);
458
482
for (i = 0; i < arcount; i++)
459
483
{
460
484
unsigned char *save, *start = ansp;
461
if (!(ansp = skip_name(ansp, header, plen)))
485
if (!(ansp = skip_name(ansp, header, plen, 10)))
462
486
return NULL;
463
487
464
488
GETSHORT(type, ansp);
466
490
GETSHORT(class, ansp);
467
491
ansp += 4; /* TTL */
468
492
GETSHORT(rdlen, ansp);
469
if ((size_t)(ansp + rdlen - (unsigned char *)header) > plen)
493
if (!ADD_RDLEN(header, ansp, plen, rdlen))
470
494
return NULL;
471
ansp += rdlen;
472
495
if (type == T_OPT)
473
496
{
474
497
if (len)
508
531
509
532
for (i = count; i != 0; i--)
510
533
{
511
if (!(p = skip_name(p, header, qlen)))
534
if (!(p = skip_name(p, header, qlen, 10)))
512
535
return 0; /* bad packet */
513
536
514
537
GETSHORT(qtype, p);
521
544
struct doctor *doctor;
522
545
struct in_addr addr;
523
546
524
/* alignment */
547
if (!CHECK_LEN(header, p, qlen, INADDRSZ))
548
return 0;
549
550
/* alignment */
525
551
memcpy(&addr, p, INADDRSZ);
526
552
527
553
for (doctor = daemon->doctors; doctor; doctor = doctor->next)
528
if (is_same_net(doctor->in, addr, doctor->mask))
529
{
530
addr.s_addr &= ~doctor->mask.s_addr;
531
addr.s_addr |= (doctor->out.s_addr & doctor->mask.s_addr);
532
/* Since we munged the data, the server it came from is no longer authoritative */
533
header->aa = 0;
534
memcpy(p, &addr, INADDRSZ);
535
break;
536
}
554
{
555
if (doctor->end.s_addr == 0)
556
{
557
if (!is_same_net(doctor->in, addr, doctor->mask))
558
continue;
559
}
560
else if (ntohl(doctor->in.s_addr) > ntohl(addr.s_addr) ||
561
ntohl(doctor->end.s_addr) < ntohl(addr.s_addr))
562
continue;
563
564
addr.s_addr &= ~doctor->mask.s_addr;
565
addr.s_addr |= (doctor->out.s_addr & doctor->mask.s_addr);
566
/* Since we munged the data, the server it came from is no longer authoritative */
567
header->aa = 0;
568
memcpy(p, &addr, INADDRSZ);
569
break;
570
}
537
571
}
538
572
539
p += rdlen;
540
541
if ((size_t)(p - (unsigned char *)header) > qlen)
542
return 0; /* bad packet */
573
if (!ADD_RDLEN(header, p, qlen, rdlen))
574
return 0; /* bad packet */
543
575
}
544
576
545
577
return p;
559
591
560
592
for (i = ntohs(header->nscount); i != 0; i--)
561
593
{
562
if (!(p = skip_name(p, header, qlen)))
594
if (!(p = skip_name(p, header, qlen, 10)))
563
595
return 0; /* bad packet */
564
596
565
597
GETSHORT(qtype, p);
574
606
minttl = ttl;
575
607
576
608
/* MNAME */
577
if (!(p = skip_name(p, header, qlen)))
609
if (!(p = skip_name(p, header, qlen, 0)))
578
610
return 0;
579
611
/* RNAME */
580
if (!(p = skip_name(p, header, qlen)))
612
if (!(p = skip_name(p, header, qlen, 20)))
581
613
return 0;
582
614
p += 16; /* SERIAL REFRESH RETRY EXPIRE */
583
615
585
617
if (ttl < minttl)
586
618
minttl = ttl;
587
619
}
588
else
589
p += rdlen;
590
591
if ((size_t)(p - (unsigned char *)header) > qlen)
620
else if (!ADD_RDLEN(header, p, qlen, rdlen))
592
621
return 0; /* bad packet */
593
622
}
594
623
595
624
/* rewrite addresses in additioal section too */
596
625
if (!do_doctor(p, ntohs(header->arcount), header, qlen))
597
626
return 0;
633
662
unsigned long cttl = ULONG_MAX, attl;
634
663
635
664
namep = p;
636
if (!extract_name(header, qlen, &p, name, 1))
665
if (!extract_name(header, qlen, &p, name, 1, 4))
637
666
return 0; /* bad packet */
638
667
639
668
GETSHORT(qtype, p);
661
690
{
662
691
unsigned char *tmp = namep;
663
692
/* the loop body overwrites the original name, so get it back here. */
664
if (!extract_name(header, qlen, &tmp, name, 1) ||
665
!(res = extract_name(header, qlen, &p1, name, 0)))
693
if (!extract_name(header, qlen, &tmp, name, 1, 0) ||
694
!(res = extract_name(header, qlen, &p1, name, 0, 10)))
666
695
return 0; /* bad packet */
667
696
668
697
GETSHORT(aqtype, p1);
677
706
678
707
if (aqclass == C_IN && res != 2 && (aqtype == T_CNAME || aqtype == T_PTR))
679
708
{
680
if (!extract_name(header, qlen, &p1, name, 1))
709
if (!extract_name(header, qlen, &p1, name, 1, 0))
681
710
return 0;
682
711
683
712
if (aqtype == T_CNAME)
692
721
}
693
722
694
723
p1 = endrr;
695
if ((size_t)(p1 - (unsigned char *)header) > qlen)
724
if (!CHECK_LEN(header, p1, qlen, 0))
696
725
return 0; /* bad packet */
697
726
}
698
727
}
737
766
738
767
for (j = ntohs(header->ancount); j != 0; j--)
739
768
{
740
if (!(res = extract_name(header, qlen, &p1, name, 0)))
769
if (!(res = extract_name(header, qlen, &p1, name, 0, 10)))
741
770
return 0; /* bad packet */
742
771
743
772
GETSHORT(aqtype, p1);
763
792
if (attl < cttl)
764
793
cttl = attl;
765
794
766
if (!extract_name(header, qlen, &p1, name, 1))
795
if (!extract_name(header, qlen, &p1, name, 1, 0))
767
796
return 0;
768
797
goto cname_loop1;
769
798
}
770
799
else
771
800
{
772
801
found = 1;
802
773
803
/* copy address into aligned storage */
804
if (!CHECK_LEN(header, p1, qlen, addrlen))
805
return 0; /* bad packet */
774
806
memcpy(&addr, p1, addrlen);
775
807
776
808
/* check for returned address in private space */
790
822
}
791
823
792
824
p1 = endrr;
793
if ((size_t)(p1 - (unsigned char *)header) > qlen)
825
if (!CHECK_LEN(header, p1, qlen, 0))
794
826
return 0; /* bad packet */
795
827
}
796
828
}
839
871
if (ntohs(header->qdcount) != 1 || header->opcode != QUERY)
840
872
return 0; /* must be exactly one query. */
841
873
842
if (!extract_name(header, qlen, &p, name, 1))
874
if (!extract_name(header, qlen, &p, name, 1, 4))
843
875
return 0; /* bad packet */
844
876
845
877
GETSHORT(qtype, p);
953
985
954
986
for (i = ntohs(header->ancount); i != 0; i--)
955
987
{
956
if (!extract_name(header, qlen, &p, name, 1))
988
if (!extract_name(header, qlen, &p, name, 1, 10))
957
989
return 0; /* bad packet */
958
990
959
991
GETSHORT(qtype, p);
962
994
GETSHORT(rdlen, p);
963
995
964
996
if (qclass == C_IN && qtype == T_A)
965
for (baddrp = baddr; baddrp; baddrp = baddrp->next)
966
if (memcmp(&baddrp->addr, p, INADDRSZ) == 0)
967
{
968
/* Found a bogus address. Insert that info here, since there no SOA record
969
to get the ttl from in the normal processing */
970
cache_start_insert();
971
cache_insert(name, NULL, now, ttl, F_IPV4 | F_FORWARD | F_NEG | F_NXDOMAIN | F_CONFIG);
972
cache_end_insert();
973
974
return 1;
975
}
997
{
998
if (!CHECK_LEN(header, p, qlen, INADDRSZ))
999
return 0;
1000
1001
for (baddrp = baddr; baddrp; baddrp = baddrp->next)
1002
if (memcmp(&baddrp->addr, p, INADDRSZ) == 0)
1003
{
1004
/* Found a bogus address. Insert that info here, since there no SOA record
1005
to get the ttl from in the normal processing */
1006
cache_start_insert();
1007
cache_insert(name, NULL, now, ttl, F_IPV4 | F_FORWARD | F_NEG | F_NXDOMAIN | F_CONFIG);
1008
cache_end_insert();
1009
1010
return 1;
1011
}
1012
}
976
1013
977
p += rdlen;
1014
if (!ADD_RDLEN(header, p, qlen, rdlen))
1015
return 0;
978
1016
}
979
1017
980
1018
return 0;
1073
1111
return 1;
1074
1112
}
1075
1113
1114
static unsigned long crec_ttl(struct crec *crecp, time_t now)
1115
{
1116
/* Return 0 ttl for DHCP entries, which might change
1117
before the lease expires. */
1118
1119
if (crecp->flags & (F_IMMORTAL | F_DHCP))
1120
return daemon->local_ttl;
1121
1122
return crecp->ttd - now;
1123
}
1124
1125
1076
1126
/* return zero if we can't answer from cache, or packet size if we can */
1077
1127
size_t answer_request(HEADER *header, char *limit, size_t qlen,
1078
1128
struct in_addr local_addr, struct in_addr local_netmask, time_t now)
1137
1187
nameoffset = p - (unsigned char *)header;
1138
1188
1139
1189
/* now extract name as .-concatenated string into name */
1140
if (!extract_name(header, qlen, &p, name, 1))
1190
if (!extract_name(header, qlen, &p, name, 1, 4))
1141
1191
return 0; /* bad packet */
1142
1192
1143
1193
GETSHORT(qtype, p);
1239
1289
auth = 0;
1240
1290
if (!dryrun)
1241
1291
{
1242
unsigned long ttl;
1243
/* Return 0 ttl for DHCP entries, which might change
1244
before the lease expires. */
1245
if (crecp->flags & (F_IMMORTAL | F_DHCP))
1246
ttl = daemon->local_ttl;
1247
else
1248
ttl = crecp->ttd - now;
1249
1250
1292
log_query(crecp->flags & ~F_FORWARD, cache_get_name(crecp), &addr,
1251
1293
record_source(daemon->addn_hosts, crecp->uid));
1252
1294
1253
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, ttl, NULL,
1295
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
1296
crec_ttl(crecp, now), NULL,
1254
1297
T_PTR, C_IN, "d", cache_get_name(crecp)))
1255
1298
anscount++;
1256
1299
}
1358
1401
if (!dryrun)
1359
1402
{
1360
1403
log_query(crecp->flags, name, NULL, record_source(daemon->addn_hosts, crecp->uid));
1361
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, crecp->ttd - now, &nameoffset,
1404
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
1405
crec_ttl(crecp, now), &nameoffset,
1362
1406
T_CNAME, C_IN, "d", cache_get_name(crecp->addr.cname.cache)))
1363
1407
anscount++;
1364
1408
}
1391
1435
ans = 1;
1392
1436
if (!dryrun)
1393
1437
{
1394
unsigned long ttl;
1395
1396
if (crecp->flags & (F_IMMORTAL | F_DHCP))
1397
ttl = daemon->local_ttl;
1398
else
1399
ttl = crecp->ttd - now;
1400
1401
1438
log_query(crecp->flags & ~F_REVERSE, name, &crecp->addr.addr,
1402
1439
record_source(daemon->addn_hosts, crecp->uid));
1403
1440
1404
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, ttl, NULL, type, C_IN,
1441
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
1442
crec_ttl(crecp, now), NULL, type, C_IN,
1405
1443
type == T_A ? "4" : "6", &crecp->addr))
1406
1444
anscount++;
1407
1445
}
1529
1567
crecp = NULL;
1530
1568
while ((crecp = cache_find_by_name(crecp, rec->target, now, F_IPV4 | F_IPV6)))
1531
1569
{
1532
unsigned long ttl;
1533
1570
#ifdef HAVE_IPV6
1534
1571
int type = crecp->flags & F_IPV4 ? T_A : T_AAAA;
1535
1572
#else
1538
1575
if (crecp->flags & F_NEG)
1539
1576
continue;
1540
1577
1541
if (crecp->flags & (F_IMMORTAL | F_DHCP))
1542
ttl = daemon->local_ttl;
1543
else
1544
ttl = crecp->ttd - now;
1545
1546
if (add_resource_record(header, limit, NULL, rec->offset, &ansp, ttl, NULL, type, C_IN,
1578
if (add_resource_record(header, limit, NULL, rec->offset, &ansp,
1579
crec_ttl(crecp, now), NULL, type, C_IN,
1547
1580
crecp->flags & F_IPV4 ? "4" : "6", &crecp->addr))
1548
1581
addncount++;
1549
1582
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.1