Package: c-ares
Version: 1.7.3-1

Hi,

c-ares has a bug in ares_expand_name: it assumes the encoded length of 
"." is always 1 (as it should be a single null byte), but it could be 
an indirect "." too, which is 2 bytes long (in most cases 0xc0 0x0c, 
referring to the question name).

So it cannot parse responses to queries like (dig) "NS ."

Btw: I think there are many ugly casts in the source, like

  char *buf;
  unsigned short x = ntohs(*(unsigned short*) buf);

These should be fixed (with memcpy for example), as not all platforms support
unaligned memory access.

See https://github.com/bagder/c-ares/pull/2

diff --git a/ares_expand_name.c b/ares_expand_name.c
index 2af6b2a..8f40b58 100644
--- a/ares_expand_name.c
+++ b/ares_expand_name.c
@@ -87,7 +87,12 @@ int ares_expand_name(const unsigned char *encoded, const 
unsigned char *abuf,
      * Since this function strips trailing dots though, it becomes ""
      */
     q[0] = '\0';
-    *enclen = 1;  /* the caller should move one byte to get past this */
+    /* indirect root label (like 0xc0 0x0c) is 2 bytes long (stupid, but 
valid) */
+    if ((*encoded & INDIR_MASK) == INDIR_MASK) {
+      *enclen = 2;
+    } else {
+      *enclen = 1;  /* the caller should move one byte to get past this */
+    }
     return ARES_SUCCESS;
   }
 
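Review bot: the `*enclen = 2` branch inspects `*encoded` but never reads or bounds-checks `encoded[1]`, so this is only safe because whatever computed the zero-length name earlier in ares_expand_name has already verified that both pointer bytes lie inside abuf/alen; say that in the comment (e.g. "pointer already validated when the name length was computed") so the next reader does not go looking for a missing check here. Minor: the new comment line wraps past the width of the surrounding code; `/* indirect root label (e.g. 0xc0 0x0c) is 2 bytes, RFC 1035 4.1.4 */` fits on one line and cites the rule instead of calling it stupid.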



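To make the two points of the report concrete, here is a small name expander, written for this page and not c-ares code, that handles a compression pointer to the root label (returning an encoded length of 2 rather than 1) and reads 16-bit wire fields with memcpy instead of a cast. The DNS message is constructed for the example: a reply to "NS ." whose answer name is the 0xc0 0x0c pointer back to the question's root name. INDIR_MASK is assumed to have c-ares's value (0xc0); MAX_HOPS is a hypothetical cap on pointer chains.

```c
/* Added example (not c-ares code): expanding a DNS name that may be an
 * indirect root label, and reading wire fields without unaligned casts. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define INDIR_MASK 0xc0   /* assumed: same value c-ares uses for pointer labels */
#define MAX_HOPS 16       /* hypothetical cap on compression-pointer chains */

/* Read a big-endian 16-bit field via memcpy: safe on strict-alignment CPUs. */
static unsigned short get16be(const unsigned char *p)
{
  unsigned char b[2];
  memcpy(b, p, 2);
  return (unsigned short)((b[0] << 8) | b[1]);
}

/* Expand the name at `encoded` inside the message `abuf` (alen bytes) into
 * `out`. *enclen receives the bytes consumed at the ORIGINAL position: a
 * plain root label is 1 byte, a pointer (even one to the root) is 2.
 * Trailing dot is stripped, as ares_expand_name does. Returns -1 if malformed. */
static int expand_name(const unsigned char *encoded, const unsigned char *abuf,
                       size_t alen, char *out, size_t outlen, long *enclen)
{
  const unsigned char *p = encoded;
  size_t o = 0;
  int hops = 0;
  long consumed = -1;

  for (;;) {
    if (p >= abuf + alen) return -1;
    unsigned char c = *p;
    if ((c & INDIR_MASK) == INDIR_MASK) {
      if (p + 1 >= abuf + alen) return -1;          /* second pointer byte in range */
      unsigned short off = get16be(p) & 0x3fff;
      if (off >= alen || ++hops > MAX_HOPS) return -1;
      if (consumed < 0) consumed = (p - encoded) + 2; /* the 2-byte case from the bug */
      p = abuf + off;
      continue;
    }
    if ((c & INDIR_MASK) != 0) return -1;            /* 0x40/0x80 label types: reject */
    if (c == 0) {
      if (consumed < 0) consumed = (p - encoded) + 1;
      break;
    }
    p++;
    if (p + c > abuf + alen) return -1;              /* label data in range */
    if (o + c + 1 >= outlen) return -1;              /* room for '.', label, NUL */
    if (o > 0) out[o++] = '.';
    memcpy(out + o, p, c);
    o += c;
    p += c;
  }
  out[o] = '\0';
  *enclen = consumed;
  return 0;
}

/* Constructed reply to "NS .": question name is the bare root byte at offset
 * 12; the answer's owner name is 0xc0 0x0c, a pointer to that root label. */
static const unsigned char ns_root_reply[] = {
  0x12,0x34, 0x81,0x80, 0x00,0x01, 0x00,0x01, 0x00,0x00, 0x00,0x00, /* header */
  0x00, 0x00,0x02, 0x00,0x01,                                       /* ".", NS, IN */
  0xc0,0x0c, 0x00,0x02, 0x00,0x01, 0x00,0x00,0x0e,0x10, 0x00,0x14,  /* ptr, NS, IN, TTL, rdlen */
  1,'a', 12,'r','o','o','t','-','s','e','r','v','e','r','s', 3,'n','e','t', 0
};

/* Walk question and answer; fails (-1) if the record boundaries do not line
 * up, which is exactly what happens when a root pointer is counted as 1 byte. */
int check_root_pointer(long *q_enclen, long *a_enclen, char *target, size_t tlen)
{
  const unsigned char *abuf = ns_root_reply;
  size_t alen = sizeof ns_root_reply;
  const unsigned char *p = abuf + 12;
  char name[256];
  long rdname_len;

  if (expand_name(p, abuf, alen, name, sizeof name, q_enclen)) return -1;
  p += *q_enclen + 4;                              /* skip qtype, qclass */
  if (expand_name(p, abuf, alen, name, sizeof name, a_enclen)) return -1;
  p += *a_enclen;
  if (p + 10 > abuf + alen) return -1;
  unsigned short type = get16be(p), rdlen = get16be(p + 8);
  p += 10;
  if (type != 2 || p + rdlen > abuf + alen) return -1;
  if (expand_name(p, abuf, alen, target, tlen, &rdname_len)) return -1;
  return rdname_len == rdlen ? 0 : -1;
}

int main(void)
{
  long q, a;
  char target[64];
  if (check_root_pointer(&q, &a, target, sizeof target) != 0)
    return 1;
  printf("question enclen=%ld answer enclen=%ld NS=%s\n", q, a, target);
  return 0;
}
```

With the 1-byte assumption the answer walk would land on the second pointer byte (0x0c) and read the record type from the wrong offset; the boundary check in check_root_pointer is what turns that into a parse failure rather than silently wrong data.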