Welcome! Log In Create A New Profile

Advanced

[nginx] Resolver: explicit check for compression pointers in question.

Maxim Dounin
May 25, 2021 11:36AM
details: https://hg.nginx.org/nginx/rev/3e78c12d4f37
branches: stable-1.20
changeset: 7863:3e78c12d4f37
user: Maxim Dounin <mdounin@mdounin.ru>
date: Tue May 25 15:17:50 2021 +0300
description:
Resolver: explicit check for compression pointers in question.

Since nginx always uses exactly one entry in the question section of
a DNS query, and never uses compression pointers in this entry, parsing
of a DNS response in ngx_resolver_process_response() does not expect
compression pointers to appear in the question section of the DNS
response. Indeed, compression pointers in the first name of a DNS response
hardly make sense, do not seem to be allowed by RFC 1035 (which says
"a pointer to a prior occurance of the same name", note "prior"), and
were never observed in practice.

Added an explicit check to ngx_resolver_process_response()'s parsing
of the question section to properly report an error if compression pointers
nevertheless appear in the question section.

diffstat:

src/core/ngx_resolver.c | 6 ++++++
1 files changed, 6 insertions(+), 0 deletions(-)

diffs (16 lines):

diff -r 60a1d97bedfe -r 3e78c12d4f37 src/core/ngx_resolver.c
--- a/src/core/ngx_resolver.c Tue May 25 15:17:45 2021 +0300
+++ b/src/core/ngx_resolver.c Tue May 25 15:17:50 2021 +0300
@@ -1798,6 +1798,12 @@ ngx_resolver_process_response(ngx_resolv
i = sizeof(ngx_resolver_hdr_t);

while (i < (ngx_uint_t) n) {
+
+ if (buf[i] & 0xc0) {
+ err = "unexpected compression pointer in DNS response";
+ goto done;
+ }
+
if (buf[i] == '\0') {
goto found;
}
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
Subject Author Views Posted

[nginx] Resolver: explicit check for compression pointers in question.

Maxim Dounin 138 May 25, 2021 11:36AM



Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 57
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready