git.ipfire.org Git - thirdparty/suricata.git/commit

author	Jason Ish <jason.ish@oisf.net>
	Thu, 31 Oct 2024 21:40:40 +0000 (15:40 -0600)
committer	Victor Julien <vjulien@oisf.net>
	Thu, 12 Dec 2024 08:57:48 +0000 (09:57 +0100)
commit	58c41a7fa99f62d9a8688e970ab1a9b09c79723a
tree	0a499c1572a33a9174f41b8679877d2e13e45a2a	tree
parent	7d47fcf7f7fefacd2b0d8f482534a83b35a3c45e	commit \| diff

dns: truncate names larger than 1025 characters

Once a name has gone over 1025 chars it will be truncated to 1025
chars and no more labels will be added to it, however the name will
continue to be parsed up to the label limit in attempt to find the end
so parsing can continue.

This introduces a new struct, DNSName which contains the name and any
flags which indicate any name parsing errors which should not error
out parsing the complete message, for example, infinite recursion
after some labels are parsed can continue, or truncation of name where
compression was used so we know the start of the next data to be
parsed.

This limits the logged DNS messages from being over our maximum size
of 10Mb in the case of really long names.

Ticket: #7280

(cherry picked from commit 3a5671739f5b25e5dd973a74ca5fd8ea40e1ae2d)

rust/src/dns/dns.rs		diff \| blob \| blame \| history
rust/src/dns/log.rs		diff \| blob \| blame \| history
rust/src/dns/lua.rs		diff \| blob \| blame \| history
rust/src/dns/parser.rs		diff \| blob \| blame \| history