Fix decompressing fake pointers in DNS messages (#7022)

* Don't decompress fake pointers

* [autofix.ci] apply automated fixes

---------

Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
This commit is contained in:
Gaurav Jain 2024-07-13 19:48:03 +05:30 committed by GitHub
parent 30ecc2dfbc
commit bbf5df326a
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 32 additions and 12 deletions

View File

@ -147,17 +147,23 @@ def decompress_from_record_data(
decompress_size = 0
while data_offset < end_data - offset:
if buffer[offset + data_offset] & _POINTER_INDICATOR == _POINTER_INDICATOR:
(
rr_name,
rr_name_len,
) = unpack_from_with_compression(buffer, offset + data_offset, cached_names)
data[
data_offset + decompress_size : data_offset
+ decompress_size
+ rr_name_len
] = pack(rr_name)
decompress_size += len(rr_name)
data_offset += rr_name_len
continue
try:
(
rr_name,
rr_name_len,
) = unpack_from_with_compression(
buffer, offset + data_offset, cached_names
)
data[
data_offset + decompress_size : data_offset
+ decompress_size
+ rr_name_len
] = pack(rr_name)
decompress_size += len(rr_name)
data_offset += rr_name_len
continue
except struct.error:
# the byte isn't actually a domain name compression pointer but some other data type
pass
data_offset += 1
return bytes(data)

View File

@ -85,3 +85,17 @@ def test_decompress_from_record_data():
== b"\x03ns1\x06google\x03com\x00\tdns-admin\x06google\x03com\x00&~gw\x00\x00\x03\x84\x00\x00\x03\x84\x00"
+ b"\x00\x07\x08\x00\x00\x00<"
)
def test_record_data_contains_fake_pointer():
# \xd2\a2 and \xc2\x00 seem like domain name compression pointers but are actually part of some other data type
buffer = (
b"\xfc\xc7\x81\x80\x00\x01\x00\x01\x00\x00\x00\x00\x06google\x03com\x00\x00\x06\x00\x01\xc0\x0c\x00\x06\x00"
+ b"\x01\x00\x00\x008\x00&\x03ns1\xc0\x0c\tdns-admin\xc0\x0c&\xd2\xa2\xc2\x00\x00\x03\x84\x00\x00\x03\x84\x00"
+ b"\x00\x07\x08\x00\x00\x00<"
)
assert (
domain_names.decompress_from_record_data(buffer, 40, 78, domain_names.cache())
== b"\x03ns1\x06google\x03com\x00\tdns-admin\x06google\x03com\x00&\xd2\xa2\xc2\x00\x00\x03\x84\x00\x00\x03"
+ b"\x84\x00\x00\x07\x08\x00\x00\x00<"
)