[ldns-users] ldns_wire2dname() doesn't reject some invalid pointers

W.C.A. Wijngaards wouter at NLnetLabs.nl
Mon Sep 7 07:21:19 UTC 2009



Hi Robert,

Accept lenient, send strictly.  Hence the acceptance of forward
pointers for compression.

ldns does check for loops, if that is what you're worried about.

Best regards,
   Wouter

On 09/06/2009 08:31 PM, Robert Edmonds wrote:
> RFC 1035 section 4.1.4 says this about message compression:
> 
>     "In this scheme, an entire domain name or a list of labels at the
>     end of a domain name is replaced with a pointer to a prior occurance
>     of the same name."
> 
> note that the pointer must point backwards in the packet (a prior
> occurrence) and must point to a name.
> 
> here's a DNS message that ldns 1.6 parses successfully:
> 
> ca8884000001000000010000047864636a03636f6d00001c0001c01c0006000102000e10002c000a686f73746d61737465720a6e616d65736572766572000000000f0000708000001c2000093a8000003a80
> 
> the owner name of the first RR in the authority section starts with a
> pointer *forward* one octet in the packet to the first octet of the type
> field, which happens to be zero.  and the type field of an RR isn't a
> name, so a compression pointer can't point to it.
> 

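Added example, not part of the thread and not ldns code: a name expander run over the message quoted above, with a lenient mode (follow any in-bounds pointer, stop at a hop limit) beside a strict mode that rejects any pointer not landing before the labels it terminates. The function names, error codes and the `MAX_HOPS` value are assumptions.

```c
#include <stdio.h>
#include <string.h>
/* DNS message quoted in the post; the authority RR's owner name is at offset 26. */
static const char MSG_HEX[] =
    "ca8884000001000000010000047864636a03636f6d00001c0001c01c0006000102000e10"
    "002c000a686f73746d61737465720a6e616d65736572766572000000000f000070800000"
    "1c2000093a8000003a80";
enum { ERR_TRUNC = -1, ERR_LOOP = -2, ERR_FORWARD = -3, ERR_LABEL = -4, MAX_HOPS = 16 };
/* Expand the name at `off` into dotted text (cap >= 2). strict=1: each pointer must
 * land before the label run it ends. strict=0: any in-bounds pointer, hop limit only. */
static int expand_name(const unsigned char *m, size_t len, size_t off,
                       int strict, char *out, size_t cap) {
    size_t seg = off, o = 0;   /* seg: where the current run of labels began */
    int hops = 0;
    for (;;) {
        if (off >= len) return ERR_TRUNC;
        size_t c = m[off];
        if ((c & 0xC0) == 0xC0) {                       /* compression pointer */
            if (off + 1 >= len) return ERR_TRUNC;
            size_t target = ((c & 0x3F) << 8) | m[off + 1];
            if (strict && target >= seg) return ERR_FORWARD;
            if (++hops > MAX_HOPS) return ERR_LOOP;     /* assumed hop limit */
            off = seg = target;
        } else if (c & 0xC0) {
            return ERR_LABEL;                           /* reserved label types */
        } else if (c == 0) {                            /* root label ends the name */
            if (o == 0) out[o++] = '.';
            out[o] = '\0'; return 0;
        } else {
            if (off + 1 + c > len || o + c + 2 > cap) return ERR_TRUNC;
            memcpy(out + o, m + off + 1, c);
            o += c; out[o++] = '.'; off += 1 + c;
        }
    }
}

/* Decode a hex string and expand the name at `off`; out must hold 256 bytes. */
static int expand_at(const char *hex, size_t off, int strict, char *out) {
    unsigned char m[512]; size_t n = 0; unsigned v;
    while (n < sizeof m && hex[2 * n] && hex[2 * n + 1] && sscanf(hex + 2 * n, "%2x", &v) == 1)
        m[n++] = (unsigned char)v;
    return expand_name(m, n, off, strict, out, 256);
}
int main(void) {
    char out[256];
    printf("lenient: %d\n", expand_at(MSG_HEX, 26, 0, out));
    printf("strict:  %d\n", expand_at(MSG_HEX, 26, 1, out));
    return 0;
}
```

Comparing the pointer target with the start of the current label run, rather than with the pointer's own offset, makes every jump strictly decrease, so strict mode terminates even without the hop counter.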
