Checking if xxCOUNT corresponds to the content.

- Trailing garbage (i.e. more data than expected from the xxCOUNT) is ignored and the packet is processed as if there were no such data. (This behaviour may change later according to other servers - see #1336). - If the packet contains less data then expected (xxCOUNT larger then real count of RRs in the corresponding section), FORMERR is returned. refs #1333 @1h

Checking if xxCOUNT corresponds to the content.
b26209a5 · Lubos Slovak · a8568c11 · b26209a5 · b26209a5 · b26209a5
Commit b26209a5 authored 13 years ago by Lubos Slovak
--- a/libknot/nameserver/name-server.c
+++ b/libknot/nameserver/name-server.c
@@ -2656,7 +2656,21 @@ int knot_ns_answer_normal(knot_nameserver_t *nameserver, knot_packet_t *query,
 		                       rsize);
 		return KNOT_EOK;
 	}
-	
+
+	/*
+	 * Semantic checks - if ANCOUNT > 0 or NSCOUNT > 0, return FORMERR.
+	 * Trailing garbage is ignored for now. If it should not be ignored,
+	 * the packet_parse_rest() function must be altered.
+	 */
+	if (knot_packet_ancount(query) > 0
+	    || knot_packet_nscount(query) > 0) {
+		dbg_ns("ANCOUNT or NSCOUNT not 0 in query, reply FORMERR.\n");
+		knot_ns_error_response(nameserver, knot_packet_id(query),
+		                       KNOT_RCODE_FORMERR, response_wire,
+		                       rsize);
+		return KNOT_EOK;
+	}
+
 	size_t resp_max_size = 0;
 	
 	assert(*rsize >= MAX_UDP_PAYLOAD);

--- a/libknot/packet/packet.c
+++ b/libknot/packet/packet.c
@@ -833,9 +833,22 @@ int knot_packet_parse_next_rr_answer(knot_packet_t *packet,
 		return KNOT_EBADARG;
 	}

-	if (packet->parsed >= packet->size
-	    || packet->an_rrsets == packet->header.ancount) {
-		*rr = NULL;
+	*rr = NULL;
+
+	if (packet->parsed >= packet->size) {
+		assert(packet->an_rrsets <= packet->header.ancount);
+		if (packet->an_rrsets != packet->header.ancount) {
+			dbg_packet("Parsed less RRs than expected.\n");
+			return KNOT_EMALF;
+		} else {
+			dbg_packet("Whole packet parsed\n");
+			return KNOT_EOK;
+		}
+	}
+
+	if (packet->an_rrsets == packet->header.ancount) {
+		assert(packet->parsed < packet->size);
+		dbg_packet("Trailing garbage, ignoring...\n");
 		return KNOT_EOK;
 	}

@@ -1033,6 +1046,39 @@ int knot_packet_tc(const knot_packet_t *packet)

 /*----------------------------------------------------------------------------*/

+int knot_packet_ancount(const knot_packet_t *packet)
+{
+	if (packet == NULL) {
+		return KNOT_EBADARG;
+	}
+
+	return packet->header.ancount;
+}
+
+/*----------------------------------------------------------------------------*/
+
+int knot_packet_nscount(const knot_packet_t *packet)
+{
+	if (packet == NULL) {
+		return KNOT_EBADARG;
+	}
+
+	return packet->header.nscount;
+}
+
+/*----------------------------------------------------------------------------*/
+
+int knot_packet_arcount(const knot_packet_t *packet)
+{
+	if (packet == NULL) {
+		return KNOT_EBADARG;
+	}
+
+	return packet->header.arcount;
+}
+
+/*----------------------------------------------------------------------------*/
+
 short knot_packet_answer_rrset_count(const knot_packet_t *packet)
 {
 	if (packet == NULL) {

--- a/libknot/packet/packet.h
+++ b/libknot/packet/packet.h
@@ -363,6 +363,12 @@ int knot_packet_rcode(const knot_packet_t *packet);

 int knot_packet_tc(const knot_packet_t *packet);

+int knot_packet_ancount(const knot_packet_t *packet);
+
+int knot_packet_nscount(const knot_packet_t *packet);
+
+int knot_packet_arcount(const knot_packet_t *packet);
+
 /*!
 * \brief Returns number of RRSets in Answer section of the packet.
 *