[ldns-users] oxffffffff in dns records cause a syntax error in ldns-read-zone
W.C.A. Wijngaards
wouter at NLnetLabs.nl
Wed Jan 12 08:31:16 UTC 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
On 01/11/2011 08:31 PM, Robert Edmonds wrote:
> Miek Gieben wrote:
>> 287 len = strlen((char*)str);
>> 288 /* octet representation can make strings a lot longer than actual length */
>> 289 if (len > LDNS_MAX_DOMAINLEN * 4) {
>> 290 return LDNS_STATUS_DOMAINNAME_OVERFLOW;
>> 291 }
>
> ldns/rr.h:#define LDNS_MAX_DOMAINLEN 255
>
> 255 * 4 is 1020.
>
> from libbind <arpa/nameser.h>,
>
> #define NS_MAXDNAME 1025 /*%< maximum domain name (presentation format)*/
>
> i don't recall off-hand the math to come up with the 1025 value...
I would argue that the ldns 4*255 is correct. The max wireformat domain
name length including label-count-values and end-root-label is 255
(because 1034 says so and because that fits into a single octet). Thus
its representation cannot be longer than 255 * '\123'. Actually even a
little shorter since the final root label would be a '.' and thus not 4
characters in its representation, and other label-divisor dots would
also be short dots. And since labels can be 63 characters at most and
then require a dot to terminate the label, it is actually again a couple
characters shorter.
So the longest representation domain name has few labels (because dots
are so short), 256/64 is 4 labels. Of the 255 octets on the wire, 4 are
label lengths and one is the end root label. leaving 251 octets that
need '\123' representation, for a maximum length of 251*4 + 5 = 1009.
Best regards,
Wouter
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.15 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/
iEYEARECAAYFAk0tZtQACgkQkDLqNwOhpPi75wCcCnjlLEodXeg395MtBEr1AhWX
wFUAnR0Roz2AStJoXJgvUtyU9XhaW+92
=/B8Z
-----END PGP SIGNATURE-----
More information about the ldns-users
mailing list