From ed4efb08050b31571c6b9540a2b78b502c667206 Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Tue, 20 Jan 2009 04:39:29 +0000 Subject: [PATCH] 2532. [bug] dig: check the question section of the response to see if it matches the asked question. [RT #18495] --- CHANGES | 3 ++ bin/dig/dighost.c | 75 +++++++++++++++++++++++++++++++++++++++-------- 2 files changed, 65 insertions(+), 13 deletions(-) diff --git a/CHANGES b/CHANGES index 489c801827..b7481a466a 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,6 @@ +2532. [bug] dig: check the question section of the response to + see if it matches the asked question. [RT #18495] + 2531. [bug] Change #2207 was incomplete. [RT #19098] 2530. [bug] named failed to reject insecure to secure transitions diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c index 5421532bb2..9fc6eccdfe 100644 --- a/bin/dig/dighost.c +++ b/bin/dig/dighost.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: dighost.c,v 1.317 2009/01/17 23:47:42 tbox Exp $ */ +/* $Id: dighost.c,v 1.318 2009/01/20 04:39:29 marka Exp $ */ /*! \file * \note @@ -2951,18 +2951,8 @@ recv_done(isc_task_t *task, isc_event_t *event) { if (result == ISC_R_SUCCESS && (msgflags & DNS_MESSAGEFLAG_QR) == 0) printf(";; Warning: query response not set\n"); - if (!match) { - isc_buffer_invalidate(&query->recvbuf); - isc_buffer_init(&query->recvbuf, query->recvspace, COMMSIZE); - ISC_LIST_ENQUEUE(query->recvlist, &query->recvbuf, link); - result = isc_socket_recvv(query->sock, &query->recvlist, 1, - global_task, recv_done, query); - check_result(result, "isc_socket_recvv"); - recvcount++; - isc_event_free(&event); - UNLOCK_LOOKUP; - return; - } + if (!match) + goto udp_mismatch; result = dns_message_create(mctx, DNS_MESSAGE_INTENTPARSE, &msg); check_result(result, "dns_message_create"); @@ -3017,6 +3007,52 @@ recv_done(isc_task_t *task, isc_event_t *event) { UNLOCK_LOOKUP; return; } + if (msg->counts[DNS_SECTION_QUESTION] != 0) { + match = ISC_TRUE; + for (result = dns_message_firstname(msg, DNS_SECTION_QUESTION); + result == ISC_R_SUCCESS && match; + result = dns_message_nextname(msg, DNS_SECTION_QUESTION)) { + dns_name_t *name = NULL; + dns_rdataset_t *rdataset; + + dns_message_currentname(msg, DNS_SECTION_QUESTION, + &name); + for (rdataset = ISC_LIST_HEAD(name->list); + rdataset != NULL; + rdataset = ISC_LIST_NEXT(rdataset, link)) { + if (l->rdtype != rdataset->type || + l->rdclass != rdataset->rdclass || + !dns_name_equal(l->name, name)) { + char namestr[DNS_NAME_FORMATSIZE]; + char typebuf[DNS_RDATATYPE_FORMATSIZE]; + char classbuf[DNS_RDATACLASS_FORMATSIZE]; + dns_name_format(name, namestr, + sizeof(namestr)); + dns_rdatatype_format(rdataset->type, + typebuf, + sizeof(typebuf)); + dns_rdataclass_format(rdataset->rdclass, + classbuf, + sizeof(classbuf)); + printf(";; Question section mismatch: " + "got %s/%s/%s\n", + namestr, typebuf, classbuf); + match = ISC_FALSE; + } + } + } + if (!match) { + dns_message_destroy(&msg); + if (l->tcp_mode) { + isc_event_free(&event); + clear_query(query); + check_next_lookup(l); + UNLOCK_LOOKUP; + return; + } else + goto udp_mismatch; + } + } if ((msg->flags & DNS_MESSAGEFLAG_TC) != 0 && !l->ignore && !l->tcp_mode) { printf(";; Truncated, retrying in TCP mode.\n"); @@ -3271,6 +3307,19 @@ recv_done(isc_task_t *task, isc_event_t *event) { } isc_event_free(&event); UNLOCK_LOOKUP; + return; + + udp_mismatch: + isc_buffer_invalidate(&query->recvbuf); + isc_buffer_init(&query->recvbuf, query->recvspace, COMMSIZE); + ISC_LIST_ENQUEUE(query->recvlist, &query->recvbuf, link); + result = isc_socket_recvv(query->sock, &query->recvlist, 1, + global_task, recv_done, query); + check_result(result, "isc_socket_recvv"); + recvcount++; + isc_event_free(&event); + UNLOCK_LOOKUP; + return; } /*%