Pull request #4102: dns: fix parsing 'additionals' section in dns response

Merge in SNORT/snort3 from ~SVLASIUK/snort3:fix_dns_parser to master

Squashed commit of the following:

commit 59f0c3ae7d2ed2629ca72b2446cd34fe7f43be1f
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date:   Thu Nov 16 16:56:33 2023 +0200

    dns: fix parsing 'additionals' section in dns response

diff --git a/src/service_inspectors/dns/dns.cc b/src/service_inspectors/dns/dns.cc
index b02a746934e47ac783d131bf7466fccf3b697e41..4832145c5839cf7ee226c14d156e443499e6675b 100644 (file)
--- a/src/service_inspectors/dns/dns.cc
+++ b/src/service_inspectors/dns/dns.cc
@@ -348,6 +348,9 @@ static uint16_t ParseDNSName(
                 {
                     /* If this one is a relative offset, read that extra byte */
                     dnsSessionData->curr_txt.offset |= *data;
+                    if (dnsSessionData->length > 0)
+                        dnsSessionData->curr_txt.offset += 2; // first two bytes are length in TCP
+
                     if (parse_dns_name)
                     {
                         // parse recursively relative name
@@ -951,7 +954,7 @@ static void ParseDNSResponseMessage(Packet* p, DNSData* dnsSessionData, bool& ne
             dnsSessionData->curr_rec = 0;
         /* Fall through */
         case DNS_RESP_STATE_ADD_RR: /* ADDITIONALS section */
-            for (i=dnsSessionData->curr_rec; i<dnsSessionData->hdr.authorities; i++)
+            for (i=dnsSessionData->curr_rec; i<dnsSessionData->hdr.additionals; i++)
             {
                 bytes_unused = ParseDNSAnswer(data, bytes_unused, dnsSessionData);