3rd-party/libtins
1
0
Fork 0
mirror of https://github.com/mfontanini/libtins synced 2026-01-29 13:04:28 +01:00
Code Issues Releases Wiki Activity

dns: parser reads into garbage on misreported packet size (#468)

Browse Source 
Co-authored-by: Bill Willcox <billwcorp@gmail.com>
This commit is contained in:
Bill Willcox
2022-02-26 17:29:22 -05:00
committed by GitHub
parent c302e659d7
commit 7204fbd688
3 changed files with 64 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/dns.cpp
View File

@@ -414,10 +414,11 @@ void DNS::inline_convert_v4(uint32_t value, char* output) {
// Parses records in some section.
void DNS::convert_records(const uint8_t* ptr,
const uint8_t* end,
resources_type& res) const {
resources_type& res,
const uint16_t rr_count) const {
InputMemoryStream stream(ptr, end - ptr);
char dname[256], small_addr_buf[256];
while (stream) {
while (stream && (res.size() < rr_count)) {
string data;
bool used_small_buffer = false;
// Retrieve the record's domain name.
@@ -577,7 +578,8 @@ DNS::resources_type DNS::answers() const {
convert_records(
&records_data_[0] + answers_idx_,
&records_data_[0] + authority_idx_,
res
res,
answers_count()
);
}
return res;
@@ -589,7 +591,8 @@ DNS::resources_type DNS::authority() const {
convert_records(
&records_data_[0] + authority_idx_,
&records_data_[0] + additional_idx_,
res
res,
authority_count()
);
}
return res;
@@ -601,7 +604,8 @@ DNS::resources_type DNS::additional() const {
convert_records(
&records_data_[0] + additional_idx_,
&records_data_[0] + records_data_.size(),
res
res,
additional_count()
);
}
return res;