X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/b751376719cfe1924aa07ab8fd364ec1a55c04b3..c39d40a767a1ae36171e5bcbf6f157ff3e80fb6c:/print-domain.c diff --git a/print-domain.c b/print-domain.c index 28c7f2b9..dcfc9fd2 100644 --- a/print-domain.c +++ b/print-domain.c @@ -74,12 +74,15 @@ ns_nskip(netdissect_options *ndo, i = GET_U_1(cp); cp++; while (i) { - if ((i & INDIR_MASK) == INDIR_MASK) + switch (i & TYPE_MASK) { + + case TYPE_INDIR: return (cp + 1); - if ((i & INDIR_MASK) == EDNS0_MASK) { + + case TYPE_EDNS0: { int bitlen, bytelen; - if ((i & ~INDIR_MASK) != EDNS0_ELT_BITLABEL) + if ((i & ~TYPE_MASK) != EDNS0_ELT_BITLABEL) return(NULL); /* unknown ELT */ if (!ND_TTEST_1(cp)) return (NULL); @@ -88,8 +91,16 @@ ns_nskip(netdissect_options *ndo, cp++; bytelen = (bitlen + 7) / 8; cp += bytelen; - } else + } + break; + + case TYPE_RESERVED: + return (NULL); + + case TYPE_LABEL: cp += i; + break; + } if (!ND_TTEST_1(cp)) return (NULL); i = GET_U_1(cp); @@ -116,25 +127,19 @@ blabel_print(netdissect_options *ndo, /* print the bit string as a hex string */ ND_PRINT("\\[x"); for (bitp = cp + 1, b = bitlen; bitp < lim && b > 7; b -= 8, bitp++) { - ND_TCHECK_1(bitp); ND_PRINT("%02x", GET_U_1(bitp)); } if (b > 4) { - ND_TCHECK_1(bitp); tc = GET_U_1(bitp); bitp++; ND_PRINT("%02x", tc & (0xff << (8 - b))); } else if (b > 0) { - ND_TCHECK_1(bitp); tc = GET_U_1(bitp); bitp++; ND_PRINT("%1x", ((tc >> 4) & 0x0f) & (0x0f << (4 - b))); } ND_PRINT("/%u]", bitlen); return lim; -trunc: - ND_PRINT(".../%u]", bitlen); - return NULL; } static int @@ -146,9 +151,11 @@ labellen(netdissect_options *ndo, if (!ND_TTEST_1(cp)) return(-1); i = GET_U_1(cp); - if ((i & INDIR_MASK) == EDNS0_MASK) { + switch (i & TYPE_MASK) { + + case TYPE_EDNS0: { u_int bitlen, elt; - if ((elt = (i & ~INDIR_MASK)) != EDNS0_ELT_BITLABEL) { + if ((elt = (i & ~TYPE_MASK)) != EDNS0_ELT_BITLABEL) { ND_PRINT("", elt); return(-1); } @@ -157,8 +164,20 @@ labellen(netdissect_options *ndo, if ((bitlen = GET_U_1(cp + 1)) == 0) bitlen = 256; return(((bitlen + 7) / 8) + 1); - } else + } + + case TYPE_INDIR: + case TYPE_LABEL: return(i); + + default: + /* + * TYPE_RESERVED, but we use default to suppress compiler + * warnings about falling out of the switch statement. + */ + ND_PRINT(""); + return(-1); + } } /* print a */ @@ -171,6 +190,7 @@ fqdn_print(netdissect_options *ndo, int compress = 0; u_int elt; u_int offset, max_offset; + u_int name_chars = 0; if ((l = labellen(ndo, cp)) == (u_int)-1) return(NULL); @@ -179,14 +199,16 @@ fqdn_print(netdissect_options *ndo, max_offset = (u_int)(cp - bp); i = GET_U_1(cp); cp++; - if ((i & INDIR_MASK) != INDIR_MASK) { + if ((i & TYPE_MASK) != TYPE_INDIR) { compress = 0; rp = cp + l; } - if (i != 0) + if (i != 0) { while (i && cp < ndo->ndo_snapend) { - if ((i & INDIR_MASK) == INDIR_MASK) { + switch (i & TYPE_MASK) { + + case TYPE_INDIR: if (!compress) { rp = cp + 1; compress = 1; @@ -210,16 +232,16 @@ fqdn_print(netdissect_options *ndo, } max_offset = offset; cp = bp + offset; - if ((l = labellen(ndo, cp)) == (u_int)-1) - return(NULL); if (!ND_TTEST_1(cp)) return(NULL); i = GET_U_1(cp); + if ((l = labellen(ndo, cp)) == (u_int)-1) + return(NULL); cp++; continue; - } - if ((i & INDIR_MASK) == EDNS0_MASK) { - elt = (i & ~INDIR_MASK); + + case TYPE_EDNS0: + elt = (i & ~TYPE_MASK); switch(elt) { case EDNS0_ELT_BITLABEL: if (blabel_print(ndo, cp) == NULL) @@ -230,23 +252,41 @@ fqdn_print(netdissect_options *ndo, ND_PRINT("", elt); return(NULL); } - } else { - if (nd_printn(ndo, cp, l, ndo->ndo_snapend)) - return(NULL); + break; + + case TYPE_RESERVED: + ND_PRINT(""); + return(NULL); + + case TYPE_LABEL: + if (name_chars + l <= MAXCDNAME) { + if (nd_printn(ndo, cp, l, ndo->ndo_snapend)) + return(NULL); + } else if (name_chars < MAXCDNAME) { + if (nd_printn(ndo, cp, + MAXCDNAME - name_chars, ndo->ndo_snapend)) + return(NULL); + } + name_chars += l; + break; } cp += l; - ND_PRINT("."); - if ((l = labellen(ndo, cp)) == (u_int)-1) - return(NULL); + if (name_chars <= MAXCDNAME) + ND_PRINT("."); + name_chars++; if (!ND_TTEST_1(cp)) return(NULL); i = GET_U_1(cp); + if ((l = labellen(ndo, cp)) == (u_int)-1) + return(NULL); cp++; if (!compress) rp += l + 1; } - else + if (name_chars > MAXCDNAME) + ND_PRINT(""); + } else ND_PRINT("."); return (rp); } @@ -455,30 +495,30 @@ const struct tok ns_type2str[] = { { T_MX, "MX" }, /* RFC 1035 */ { T_TXT, "TXT" }, /* RFC 1035 */ { T_RP, "RP" }, /* RFC 1183 */ - { T_AFSDB, "AFSDB" }, /* RFC 1183 */ + { T_AFSDB, "AFSDB" }, /* RFC 5864 */ { T_X25, "X25" }, /* RFC 1183 */ { T_ISDN, "ISDN" }, /* RFC 1183 */ { T_RT, "RT" }, /* RFC 1183 */ { T_NSAP, "NSAP" }, /* RFC 1706 */ - { T_NSAP_PTR, "NSAP_PTR" }, - { T_SIG, "SIG" }, /* RFC 2535 */ - { T_KEY, "KEY" }, /* RFC 2535 */ + { T_NSAP_PTR, "NSAP_PTR" }, /* RFC 1706 */ + { T_SIG, "SIG" }, /* RFC 3008 */ + { T_KEY, "KEY" }, /* RFC 3110 */ { T_PX, "PX" }, /* RFC 2163 */ { T_GPOS, "GPOS" }, /* RFC 1712 */ - { T_AAAA, "AAAA" }, /* RFC 1886 */ + { T_AAAA, "AAAA" }, /* RFC 3596 */ { T_LOC, "LOC" }, /* RFC 1876 */ - { T_NXT, "NXT" }, /* RFC 2535 */ + { T_NXT, "NXT" }, /* RFC 3755 */ { T_EID, "EID" }, /* Nimrod */ { T_NIMLOC, "NIMLOC" }, /* Nimrod */ { T_SRV, "SRV" }, /* RFC 2782 */ { T_ATMA, "ATMA" }, /* ATM Forum */ - { T_NAPTR, "NAPTR" }, /* RFC 2168, RFC 2915 */ + { T_NAPTR, "NAPTR" }, /* RFC 3403 */ { T_KX, "KX" }, /* RFC 2230 */ - { T_CERT, "CERT" }, /* RFC 2538 */ - { T_A6, "A6" }, /* RFC 2874 */ - { T_DNAME, "DNAME" }, /* RFC 2672 */ + { T_CERT, "CERT" }, /* RFC 4398 */ + { T_A6, "A6" }, /* RFC 6563 */ + { T_DNAME, "DNAME" }, /* RFC 6672 */ { T_SINK, "SINK" }, - { T_OPT, "OPT" }, /* RFC 2671 */ + { T_OPT, "OPT" }, /* RFC 6891 */ { T_APL, "APL" }, /* RFC 3123 */ { T_DS, "DS" }, /* RFC 4034 */ { T_SSHFP, "SSHFP" }, /* RFC 4255 */ @@ -486,20 +526,47 @@ const struct tok ns_type2str[] = { { T_RRSIG, "RRSIG" }, /* RFC 4034 */ { T_NSEC, "NSEC" }, /* RFC 4034 */ { T_DNSKEY, "DNSKEY" }, /* RFC 4034 */ - { T_SPF, "SPF" }, /* RFC-schlitt-spf-classic-02.txt */ + { T_DHCID, "DHCID" }, /* RFC 4071 */ + { T_NSEC3, "NSEC3" }, /* RFC 5155 */ + { T_NSEC3PARAM, "NSEC3PARAM" }, /* RFC 5155 */ + { T_TLSA, "TLSA" }, /* RFC 6698 */ + { T_SMIMEA, "SMIMEA" }, /* RFC 8162 */ + { T_HIP, "HIP" }, /* RFC 8005 */ + { T_NINFO, "NINFO" }, + { T_RKEY, "RKEY" }, + { T_TALINK, "TALINK" }, + { T_CDS, "CDS" }, /* RFC 7344 */ + { T_CDNSKEY, "CDNSKEY" }, /* RFC 7344 */ + { T_OPENPGPKEY, "OPENPGPKEY" }, /* RFC 7929 */ + { T_CSYNC, "CSYNC" }, /* RFC 7477 */ + { T_ZONEMD, "ZONEMD" }, /* RFC 8976 */ + { T_SVCB, "SVCB" }, + { T_HTTPS, "HTTPS" }, + { T_SPF, "SPF" }, /* RFC 7208 */ { T_UINFO, "UINFO" }, { T_UID, "UID" }, { T_GID, "GID" }, { T_UNSPEC, "UNSPEC" }, - { T_UNSPECA, "UNSPECA" }, + { T_NID, "NID" }, /* RFC 6742 */ + { T_L32, "L32" }, /* RFC 6742 */ + { T_L64, "L64" }, /* RFC 6742 */ + { T_LP, "LP" }, /* RFC 6742 */ + { T_EUI48, "EUI48" }, /* RFC 7043 */ + { T_EUI64, "EUI64" }, /* RFC 7043 */ { T_TKEY, "TKEY" }, /* RFC 2930 */ - { T_TSIG, "TSIG" }, /* RFC 2845 */ + { T_TSIG, "TSIG" }, /* RFC 8945 */ { T_IXFR, "IXFR" }, /* RFC 1995 */ - { T_AXFR, "AXFR" }, /* RFC 1035 */ + { T_AXFR, "AXFR" }, /* RFC 5936 */ { T_MAILB, "MAILB" }, /* RFC 1035 */ { T_MAILA, "MAILA" }, /* RFC 1035 */ - { T_ANY, "ANY" }, + { T_ANY, "ANY" }, /* RFC 8482 */ { T_URI, "URI" }, /* RFC 7553 */ + { T_CAA, "CAA" }, /* RFC 8659 */ + { T_AVC, "AVC" }, + { T_DOA, "DOA" }, + { T_AMTRELAY, "AMTRELAY" }, /* RFC 8777 */ + { T_TA, "TA" }, + { T_DLV, "DLV" }, /* RFC 8749 */ { 0, NULL } }; @@ -673,9 +740,7 @@ ns_rprint(netdissect_options *ndo, case T_NS: case T_CNAME: case T_PTR: -#ifdef T_DNAME case T_DNAME: -#endif ND_PRINT(" "); if (fqdn_print(ndo, cp, bp) == NULL) return(NULL); @@ -758,10 +823,8 @@ ns_rprint(netdissect_options *ndo, ND_PRINT(" %u(bad plen)", pbit); break; } else if (pbit < 128) { - if (!ND_TTEST_LEN(cp + 1, sizeof(a) - pbyte)) - return(NULL); memset(a, 0, sizeof(a)); - memcpy(a + pbyte, cp + 1, sizeof(a) - pbyte); + GET_CPY_BYTES(a + pbyte, cp + 1, sizeof(a) - pbyte); ND_PRINT(" %u %s", pbit, addrtostr6(&a, ntop_buf, sizeof(ntop_buf))); } @@ -798,13 +861,6 @@ ns_rprint(netdissect_options *ndo, } break; - case T_UNSPECA: /* One long string */ - if (!ND_TTEST_LEN(cp, len)) - return(NULL); - if (nd_printn(ndo, cp, len, ndo->ndo_snapend)) - return(NULL); - break; - case T_TSIG: { if (cp + len > ndo->ndo_snapend) @@ -842,7 +898,7 @@ ns_rprint(netdissect_options *ndo, void domain_print(netdissect_options *ndo, - const u_char *bp, u_int length, int is_mdns) + const u_char *bp, u_int length, int over_tcp, int is_mdns) { const dns_header_t *np; uint16_t flags, rcode, rdlen, type; @@ -852,6 +908,34 @@ domain_print(netdissect_options *ndo, uint16_t b2; ndo->ndo_protocol = "domain"; + + if (over_tcp) { + /* + * The message is prefixed with a two byte length field + * which gives the message length, excluding the two byte + * length field. (RFC 1035 - 4.2.2. TCP usage) + */ + if (length < 2) { + ND_PRINT(" [DNS over TCP: length %u < 2]", length); + nd_print_invalid(ndo); + return; + } else { + length -= 2; /* excluding the two byte length field */ + if (GET_BE_U_2(bp) != length) { + ND_PRINT(" [prefix length(%u) != length(%u)]", + GET_BE_U_2(bp), length); + nd_print_invalid(ndo); + return; + } else { + bp += 2; + /* in over TCP case, we need to prepend a space + * (not needed in over UDP case) + */ + ND_PRINT(" "); + } + } + } + np = (const dns_header_t *)bp; if(length < sizeof(*np)) { @@ -900,7 +984,7 @@ domain_print(netdissect_options *ndo, if (cp + 1 > ndo->ndo_snapend) goto print; if (type == T_OPT) { - rcode |= (*cp << 4); + rcode |= (GET_U_1(cp) << 4); goto print; } cp += 4;