From: Alan T. DeKok
Date: Sat, 16 Oct 2021 20:32:39 +0000 (-0400)
Subject: add finer-grained errors
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d970cb47b4bcf32809320264489d1551867bced1;p=thirdparty%2Ffreeradius-server.git

add finer-grained errors
---

diff --git a/src/protocols/dns/base.c b/src/protocols/dns/base.c
index 8a233f8ac79..282616e00ee 100644
--- a/src/protocols/dns/base.c
+++ b/src/protocols/dns/base.c
@@ -176,8 +176,8 @@ bool fr_dns_packet_ok(uint8_t const *packet, size_t packet_len, bool query, fr_d
 if (*p >= 0xc0) {
 size_t offset;
- if ((p + 2) >= end) {
- DECODE_FAIL(INVALID_RR_LABEL);
+ if ((p + 2) > end) {
+ DECODE_FAIL(POINTER_OVERFLOWS_PACKET);
 return false;
 }
@@ -188,7 +188,7 @@ bool fr_dns_packet_ok(uint8_t const *packet, size_t packet_len, bool query, fr_d
 * Can't point to the header.
 */
 if (offset < 12) {
- DECODE_FAIL(INVALID_RR_LABEL);
+ DECODE_FAIL(POINTER_TO_HEADER);
 return false;
 }
@@ -196,7 +196,7 @@ bool fr_dns_packet_ok(uint8_t const *packet, size_t packet_len, bool query, fr_d
 * Can't point to the current label.
 */
 if ((packet + offset) >= start) {
- DECODE_FAIL(INVALID_RR_LABEL);
+ DECODE_FAIL(POINTER_LOOPS);
 return false;
 }
@@ -211,15 +211,15 @@ bool fr_dns_packet_ok(uint8_t const *packet, size_t packet_len, bool query, fr_d
 * 0b10 and 0b10 are forbidden
 */
 if (*p > 63) {
- DECODE_FAIL(INVALID_RR_LABEL);
+ DECODE_FAIL(INVALID_POINTER);
 return false;
 }
 /*
 * It must be a length byte, which doesn't cause overflow.
 */
- if ((p + *p + 1) >= end) {
- DECODE_FAIL(INVALID_RR_LABEL);
+ if ((p + *p + 1) > end) {
+ DECODE_FAIL(LABEL_OVERFLOWS_PACKET);
 return false;
 }
@@ -228,7 +228,7 @@ bool fr_dns_packet_ok(uint8_t const *packet, size_t packet_len, bool query, fr_d
 */
 len += *p;
 if (len >= 256) {
- DECODE_FAIL(INVALID_RR_LABEL);
+ DECODE_FAIL(LABEL_TOO_LONG);
 return false;
 }
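Review bot: In the `@@ -176` hunk the bounds test changes from `>=` to `>`, which alters which packets the validator accepts, while the commit subject mentions only error codes. Accepting a two-byte pointer that ends exactly at `end` looks right for reading the two pointer octets (the read itself is outside the hunk), but the change deserves its own line in the commit message and a test packet whose name ends in a pointer at the last two octets. Separately, `p + 2` can form a pointer more than one past the end of the buffer when `p` is the last byte, which is undefined in C; given that `*p` was just read, `if ((size_t)(end - p) < 2) {` states the same bound without that. fr_dns_packet_ok starts and ends outside the hunk.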
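Review bot: The relaxed label check `if ((p + *p + 1) > end) {` in the `@@ -211` hunk now accepts a label whose last octet is the final byte of the packet, so after the label is skipped `p` can equal `end`. A name still needs a terminating zero octet or a pointer after every label, so the old `>=` was rejecting a packet that cannot be valid; with `>`, the next `*p` read is only safe if the loop condition (outside the hunk) tests `p < end` first. I would keep `if ((p + *p + 1) >= end) {` together with the new `LABEL_OVERFLOWS_PACKET` code, or confirm the loop guard and add a test with a name truncated right after a label.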
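Review bot: `LABEL_TOO_LONG` in the `@@ -228` hunk is raised from `len += *p; if (len >= 256)`, which by the `+=` looks like the accumulated length of the whole name rather than of one label (a single label is already capped at 63 by the earlier `*p > 63` test). The paired message "too many characters in label" in decode.c will point an operator reading the log at the wrong limit; a name such as `DECODE_FAIL_NAME_TOO_LONG` with `L("name is longer than 255 octets")` would match the check. The same mismatch applies to `INVALID_POINTER` in the `@@ -211` hunk: a length byte above 63 that is below 0xc0 is a reserved label type, not a pointer. Where `len` is initialised is outside the hunk, so the accumulation is inferred.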
@@ -243,7 +243,7 @@ bool fr_dns_packet_ok(uint8_t const *packet, size_t packet_len, bool query, fr_d
 * qtype + qclass
 */
 if ((p + 4) > end) {
- DECODE_FAIL(MISSING_RR_HEADER);
+ DECODE_FAIL(MISSING_QD_HEADER);
 return false;
 }
diff --git a/src/protocols/dns/decode.c b/src/protocols/dns/decode.c
index 83148871a2e..5cfdcbd9517 100644
--- a/src/protocols/dns/decode.c
+++ b/src/protocols/dns/decode.c
@@ -674,6 +674,13 @@ static fr_table_num_ordered_t reason_fail_table[] = {
 { L("resource record length overflows the packet"), DECODE_FAIL_RR_OVERFLOWS_PACKET },
 { L("more resource records than indicated in header"), DECODE_FAIL_TOO_MANY_RRS },
 { L("fewer resource records than indicated in header"), DECODE_FAIL_TOO_FEW_RRS },
+ { L("pointer overflows packet"), DECODE_FAIL_POINTER_OVERFLOWS_PACKET },
+ { L("pointer points to packet header"), DECODE_FAIL_POINTER_TO_HEADER },
+ { L("pointer creates a loop"), DECODE_FAIL_POINTER_LOOPS },
+ { L("invalid pointer"), DECODE_FAIL_INVALID_POINTER },
+ { L("label overflows the packet"), DECODE_FAIL_LABEL_OVERFLOWS_PACKET },
+ { L("too many characters in label"), DECODE_FAIL_LABEL_TOO_LONG },
+ { L("query record header is missing"), DECODE_FAIL_MISSING_QD_HEADER },
 };
 static size_t reason_fail_table_len = NUM_ELEMENTS(reason_fail_table);
diff --git a/src/protocols/dns/dns.h b/src/protocols/dns/dns.h
index dc8ab2ef0ef..a0ed04d822a 100644
--- a/src/protocols/dns/dns.h
+++ b/src/protocols/dns/dns.h
@@ -118,6 +118,13 @@ typedef enum {
 DECODE_FAIL_RR_OVERFLOWS_PACKET,
 DECODE_FAIL_TOO_MANY_RRS,
 DECODE_FAIL_TOO_FEW_RRS,
+ DECODE_FAIL_POINTER_OVERFLOWS_PACKET,
+ DECODE_FAIL_POINTER_TO_HEADER,
+ DECODE_FAIL_POINTER_LOOPS,
+ DECODE_FAIL_INVALID_POINTER,
+ DECODE_FAIL_LABEL_OVERFLOWS_PACKET,
+ DECODE_FAIL_LABEL_TOO_LONG,
+ DECODE_FAIL_MISSING_QD_HEADER,
 DECODE_FAIL_MAX
 } fr_dns_decode_fail_t;