VirtualBox

Changeset 59203 in vbox


Ignore:
Timestamp:
Dec 21, 2015 5:21:56 PM (9 years ago)
Author:
vboxsync
Message:

NAT: Ignore/drop any authority or additional records in queries to the
host resolver, so that we can process queries with EDNS(0) RFC6891 OPT
RR in additional records section.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/src/VBox/Devices/Network/slirp/hostres.c

    r59202 r59203  
    240240    }
    241241
    242     if (RT_UNLIKELY(pHdr->nscount != 0))
    243     {
    244         LogErr(("NAT: hostres: authority RRs in query\n"));
    245         refuse(pData, m, RCode_NotImp);
    246         return 1;
    247     }
    248 
    249     if (RT_UNLIKELY(pHdr->arcount != 0))
    250     {
    251         LogErr(("NAT: hostres: additional info RRs in query\n"));
    252         refuse(pData, m, RCode_NotImp);
    253         return 1;
    254     }
    255 
    256242    if (RT_UNLIKELY(mlen < sizeof(*pHdr)
    257243                             + /* qname  */ 1
     
    379365     * QTYPE and QCLASS
    380366     */
    381     if (RT_UNLIKELY(off + 4 != mlen))
    382     {
    383         LogErr(("NAT: hostres: question too short / too long\n"));
     367    if (RT_UNLIKELY(off + 4 > mlen))
     368    {
     369        LogErr(("NAT: hostres: question too short\n"));
    384370        return refuse(pData, m, RCode_FormErr);
    385371    }
     
    408394        return refuse(pData, m, RCode_NotImp);
    409395    }
     396
     397
     398    /**
     399     * Check if there's anything after the question.  If query says it
     400     * has authority or additional records, ignore and drop them
     401     * without parsing.
     402     *
     403     * We have already rejected queries with answer(s) before.  We
     404     * have ensured that qname in the question doesn't contain
     405     * pointers, so truncating the buffer is safe.
     406     */
     407    if (off < mlen)
     408    {
     409        int trailer = mlen - off;
     410
     411        LogDbg(("NAT: hostres: question %zu < mlen %zu\n", off, mlen));
     412
     413        if (pHdr->nscount == 0 && pHdr->arcount == 0)
     414        {
     415            LogErr(("NAT: hostres: unexpected %d bytes after the question\n", trailer));
     416            return refuse(pData, m, RCode_FormErr);
     417        }
     418
     419        LogDbg(("NAT: hostres: ignoring %d bytes of %s%s%s records\n",
     420                trailer,
     421                pHdr->nscount != 0 ? "authority" : "",
     422                pHdr->nscount != 0 && pHdr->arcount != 0 ? " and " : "",
     423                pHdr->arcount != 0 ? "additional" : ""));
     424
     425        m_adj(m, -trailer);
     426        mlen -= trailer;
     427        res->end = res->qlen = mlen;
     428
     429        pHdr->nscount = 0;
     430        pHdr->arcount = 0;
     431    }
     432
    410433
    411434    /*
Note: See TracChangeset for help on using the changeset viewer.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette