Mercurial > hg > nginx
comparison src/core/ngx_resolver.c @ 7854:4364b39de407
Resolver: explicit check for compression pointers in question.
Since nginx always uses exactly one entry in the question section of
a DNS query, and never uses compression pointers in this entry, parsing
of a DNS response in ngx_resolver_process_response() does not expect
compression pointers to appear in the question section of the DNS
response. Indeed, compression pointers in the first name of a DNS response
hardly make sense, do not seem to be allowed by RFC 1035 (which says
"a pointer to a prior occurance of the same name", note "prior"), and
were never observed in practice.
Added an explicit check to ngx_resolver_process_response()'s parsing
of the question section to properly report an error if compression pointers
nevertheless appear in the question section.
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Tue, 25 May 2021 15:17:50 +0300 |
| parents | 4ebe1251a8c3 |
| children | 0c5e84096d99 |
comparison
equal
deleted
inserted
replaced
| 7853:4ebe1251a8c3 | 7854:4364b39de407 |
|---|---|
| 1796 } | 1796 } |
| 1797 | 1797 |
| 1798 i = sizeof(ngx_resolver_hdr_t); | 1798 i = sizeof(ngx_resolver_hdr_t); |
| 1799 | 1799 |
| 1800 while (i < (ngx_uint_t) n) { | 1800 while (i < (ngx_uint_t) n) { |
| 1801 | |
| 1802 if (buf[i] & 0xc0) { | |
| 1803 err = "unexpected compression pointer in DNS response"; | |
| 1804 goto done; | |
| 1805 } | |
| 1806 | |
| 1801 if (buf[i] == '\0') { | 1807 if (buf[i] == '\0') { |
| 1802 goto found; | 1808 goto found; |
| 1803 } | 1809 } |
| 1804 | 1810 |
| 1805 i += 1 + buf[i]; | 1811 i += 1 + buf[i]; |