Thanks Jérôme,
CCing Baptiste for approval (in case we've missed anything, I'm clueless
about DNS).
Willy
On Sun, Jul 26, 2020 at 06:04:38PM +0200, Jerome Magnin wrote:
> Hi Tim,
>
> On Sun, Jul 26, 2020 at 05:47:00PM +0200, Tim Düsterhus wrote:
> > Jerome,
> >
> > Regarding the commit message: Please add backporting information to the
> > end of the commit message body (I believe it should be 2.2+).
>
> You're right the commit I mentionned in the message was indeed
> introduced in 2.2-dev, so this must be backported to 2.2.
> >
> > Regarding the patch:
> >
> > + /* skip 2 bytes for ttl */
> > + reader += 4;
> >
> > Either the commit or the code is incorrect here.
> The comment was wrong indeed. Thanks for your review.
>
> --
> Jérôme
> >From 363ed1dd2f3ded7837bbb424eabb309803fc6292 Mon Sep 17 00:00:00 2001
> From: Jerome Magnin <jer...@layaute.net>
> Date: Sun, 26 Jul 2020 12:13:12 +0200
> Subject: [PATCH] BUG/MAJOR: dns: don't treat Authority records as an error
>
> Support for DNS Service Discovery by means of SRV records was enhanced with
> commit 13a9232eb ("MEDIUM: dns: use Additional records from SRV responses")
> to use the content of the answers Additional records when present.
>
> If there are Authority records before the Additional records we mistakenly
> treat that as an invalid response. To fix this, just ignore the Authority
> section if it exist and skip to the Additional records.
>
> As 13a9232eb was introduced during 2.2-dev, it must be backported to 2.2.
> ---
> src/dns.c | 27 +++++++++++++++++++++++++++
> 1 file changed, 27 insertions(+)
>
> diff --git a/src/dns.c b/src/dns.c
> index 6a8ab831c..7ea35ac11 100644
> --- a/src/dns.c
> +++ b/src/dns.c
> @@ -1044,6 +1044,33 @@ static int dns_validate_dns_response(unsigned char
> *resp, unsigned char *bufend,
> if (dns_query->type != DNS_RTYPE_SRV)
> goto skip_parsing_additional_records;
>
> + for (i = 0; i < dns_p->header.nscount; i++) {
> + offset = 0;
> + len = dns_read_name(resp, bufend, reader, tmpname,
> DNS_MAX_NAME_SIZE,
> + &offset, 0);
> + if (len == 0) {
> + continue;
> + }
> +
> + if (reader + offset + 10 >= bufend)
> + goto invalid_resp;
> +
> + reader += offset;
> + /* skip 2 bytes for class */
> + reader += 2;
> + /* skip 2 bytes for type */
> + reader += 2;
> + /* skip 4 bytes for ttl */
> + reader += 4;
> + /* read data len */
> + len = reader[0] * 256 + reader[1];
> + reader += 2;
> +
> + if (reader + len >= bufend)
> + goto invalid_resp;
> +
> + reader += len;
> + }
> nb_saved_records = 0;
> for (i = 0; i < dns_p->header.arcount; i++) {
> if (reader >= bufend)
> --
> 2.27.0
>
