From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from beige.elm.relay.mailchannels.net (beige.elm.relay.mailchannels.net [23.83.212.16]) by sourceware.org (Postfix) with ESMTPS id 492A03858D1E for ; Thu, 18 Aug 2022 17:23:28 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 492A03858D1E Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=gotplt.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=gotplt.org X-Sender-Id: dreamhost|x-authsender|siddhesh@gotplt.org Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id 03A5F1226EA; Thu, 18 Aug 2022 17:23:27 +0000 (UTC) Received: from pdx1-sub0-mail-a307.dreamhost.com (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id 073911225A9; Thu, 18 Aug 2022 17:23:26 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1660843406; a=rsa-sha256; cv=none; b=VhYup1ZvDEKEbxcdftJ5lHxtC5of+/AtTfztQLiD/y8YqMI88/QtHBohvf7mxMwDDHFkXn B6vtmEkBMFaS9S2W1mAWNWTw6BBsqfAW8YmCE/E8WC/AT5dNRaM/X8LkF//+v+aluia+zY FXTEXHruix0gtGNbs9F1f0UaNf9tx0jnqT07/7JOk8ID+qgFDFQqp2cXbEs02KJcP4gL38 cyyUV3M435C+1bzAVNM1ikia9fKFm9YCcWCp3qASnlZSLoCNGgVw/R8HNkmSxoqA4EyS5v BcwVoBLUbXk6BdcIlNsK1uYUHt+o1vGw8TDeGCrq/FGkFqWLbAN+pL3sY8VeIQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1660843406; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=mkGZ/ae3yl2hUqHuDmIPy9RhSmTuZalOLnhA65GRpZ4=; b=O8bT8PTjx8Z8598BzKjaONeLlxNxxOzVqNEyeXuoK1DJeCKk7FIVHgQ2tuQB+kKK89Qsbc zDL6hXux0nXpwj/8EFNO2AlPLdR3samFUZlmp4Q45PEAOh2dxtcpg9IK6phQcpktdF9pvJ UzWLSo01gxanwfnLwK2nJEm3+KLDwJOAKQB1ud3br5vG//9bEQa8h/izvsYCP2IZPcS2Wh uhKYGX+ira1yQSiLpE044YUC4JN13+jQhF+E8l5eYuTOxGkzlIovkwbhyf/n64jLmDIb9i IwAexxQdrF9wdGURmBUwRzPv36wHmH3yXP253RgTZjrLxMb4NuzMIlFHuOqLyg== ARC-Authentication-Results: i=1; rspamd-7697cc766f-5gv76; auth=pass smtp.auth=dreamhost smtp.mailfrom=siddhesh@gotplt.org X-Sender-Id: dreamhost|x-authsender|siddhesh@gotplt.org X-MC-Relay: Neutral X-MailChannels-SenderId: dreamhost|x-authsender|siddhesh@gotplt.org X-MailChannels-Auth-Id: dreamhost X-Broad-Lonely: 23327cfd602ba5ad_1660843406309_3753494615 X-MC-Loop-Signature: 1660843406309:2317272507 X-MC-Ingress-Time: 1660843406309 Received: from pdx1-sub0-mail-a307.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.121.210.153 (trex/6.7.1); Thu, 18 Aug 2022 17:23:26 +0000 Received: from [192.168.0.182] (bras-vprn-toroon4834w-lp130-16-184-147-84-238.dsl.bell.ca [184.147.84.238]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: siddhesh@gotplt.org) by pdx1-sub0-mail-a307.dreamhost.com (Postfix) with ESMTPSA id 4M7sDF3fGVz57; Thu, 18 Aug 2022 10:23:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gotplt.org; s=dreamhost; t=1660843405; bh=mkGZ/ae3yl2hUqHuDmIPy9RhSmTuZalOLnhA65GRpZ4=; h=Date:Subject:To:From:Content-Type:Content-Transfer-Encoding; b=R3VJmn/tfXsKUMXxGgF40/4vzx8/deaVrb0GMk1gFt7LYyOaVQuEYa19Cv6KcdxwQ qnACF6RRhGG3eJGqVfGONnIxxGfWcPRkIK2nzQ5ZLYwOJx/KzeSHzZe2fwKuMNIdNN AY8ZV0CcXDe5aIpMyH00TJrWeoSuxqLMsBC5Oa4d/qxrkAxueBMvYPUnVYHGWl8Kel uHhVzVN6NURrQs0Rm8zkO61zTlfF50NCHS5+8NTcwE2OnYeKWeSJZrO7HG+qli12Sf obHFuenZkxKn8HmkZLoZePLqslxZSL1Lab9JT8JbEwrGbnFX0MC+TZecVqWvUNRGcK XVO7seVr02hfQ== Message-ID: <0fb2e298-1c80-8edc-6ee1-5ae71139165f@gotplt.org> Date: Thu, 18 Aug 2022 13:23:24 -0400 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.12.0 Subject: Re: [PATCH 05/13] resolv: Add internal __ns_name_length_uncompressed function Content-Language: en-US To: Florian Weimer , libc-alpha@sourceware.org References: <910eb77d28920ff34b70bdc70131b2d1ff053f58.1660123636.git.fweimer@redhat.com> From: Siddhesh Poyarekar In-Reply-To: <910eb77d28920ff34b70bdc70131b2d1ff053f58.1660123636.git.fweimer@redhat.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-3038.1 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, KAM_SHORT, NICE_REPLY_A, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2, SPF_HELO_NONE, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Aug 2022 17:23:32 -0000 On 2022-08-10 05:30, Florian Weimer via Libc-alpha wrote: > --- > include/arpa/nameser.h | 8 ++ > resolv/Makefile | 5 + > resolv/ns_name_length_uncompressed.c | 72 ++++++++++++ > resolv/tst-ns_name_length_uncompressed.c | 135 +++++++++++++++++++++++ > 4 files changed, 220 insertions(+) > create mode 100644 resolv/ns_name_length_uncompressed.c > create mode 100644 resolv/tst-ns_name_length_uncompressed.c LGTM. Reviewed-by: Siddhesh Poyarekar > > diff --git a/include/arpa/nameser.h b/include/arpa/nameser.h > index bb1dede187..6e4808f00d 100644 > --- a/include/arpa/nameser.h > +++ b/include/arpa/nameser.h > @@ -95,5 +95,13 @@ libc_hidden_proto (__ns_name_unpack) > extern __typeof (ns_samename) __libc_ns_samename; > libc_hidden_proto (__libc_ns_samename) > > +/* Packet parser helper functions. */ > + > +/* Verify that P points to an uncompressed domain name in wire format. > + On success, return the length of the encoded name, including the > + terminating null byte. On failure, return -1 and set errno. EOM > + must point one past the last byte in the packet. */ > +int __ns_name_length_uncompressed (const unsigned char *p, > + const unsigned char *eom) attribute_hidden; > # endif /* !_ISOMAC */ > #endif > diff --git a/resolv/Makefile b/resolv/Makefile > index ec61ad07bd..bf28825f60 100644 > --- a/resolv/Makefile > +++ b/resolv/Makefile > @@ -40,6 +40,7 @@ routines := \ > inet_pton \ > ns_makecanon \ > ns_name_compress \ > + ns_name_length_uncompressed \ > ns_name_ntop \ > ns_name_pack \ > ns_name_pton \ > @@ -111,6 +112,10 @@ tests-static += tst-resolv-txnid-collision > tests-internal += tst-ns_samebinaryname > tests-static += tst-ns_samebinaryname > > +# Likewise for __ns_name_length_uncompressed. > +tests-internal += tst-ns_name_length_uncompressed > +tests-static += tst-ns_name_length_uncompressed > + > # These tests need libdl. > ifeq (yes,$(build-shared)) > tests += \ > diff --git a/resolv/ns_name_length_uncompressed.c b/resolv/ns_name_length_uncompressed.c > new file mode 100644 > index 0000000000..51296b47ef > --- /dev/null > +++ b/resolv/ns_name_length_uncompressed.c > @@ -0,0 +1,72 @@ > +/* Skip over an uncompressed name in wire format. > + Copyright (C) 2022 Free Software Foundation, Inc. > + This file is part of the GNU C Library. > + > + The GNU C Library is free software; you can redistribute it and/or > + modify it under the terms of the GNU Lesser General Public > + License as published by the Free Software Foundation; either > + version 2.1 of the License, or (at your option) any later version. > + > + The GNU C Library is distributed in the hope that it will be useful, > + but WITHOUT ANY WARRANTY; without even the implied warranty of > + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > + Lesser General Public License for more details. > + > + You should have received a copy of the GNU Lesser General Public > + License along with the GNU C Library; if not, see > + . */ > + > +#include > +#include > +#include > + > +int > +__ns_name_length_uncompressed (const unsigned char *p, > + const unsigned char *eom) > +{ > + const unsigned char *start = p; > + > + while (true) > + { > + if (p == eom) > + { > + /* Truncated packet: no room for label length. */ > + __set_errno (EMSGSIZE); > + return -1; > + } > + > + unsigned char b = *p; > + ++p; > + if (b == 0) > + { > + /* Root label. */ > + size_t length = p - start; > + if (length > NS_MAXCDNAME) > + { > + /* Domain name too long. */ > + __set_errno (EMSGSIZE); > + return -1; > + } > + return length; > + } > + > + if (b <= 63) > + { > + /* Regular label. */ > + if (b <= eom - p) > + p += b; > + else > + { > + /* Truncated packet: label incomplete. */ > + __set_errno (EMSGSIZE); > + return -1; > + } > + } > + else > + { > + /* Compression reference or corrupted label length. */ > + __set_errno (EMSGSIZE); > + return -1; > + } > + } > +} > diff --git a/resolv/tst-ns_name_length_uncompressed.c b/resolv/tst-ns_name_length_uncompressed.c > new file mode 100644 > index 0000000000..c4a2904db7 > --- /dev/null > +++ b/resolv/tst-ns_name_length_uncompressed.c > @@ -0,0 +1,135 @@ > +/* Test __ns_name_length_uncompressed. > + Copyright (C) 2022 Free Software Foundation, Inc. > + This file is part of the GNU C Library. > + > + The GNU C Library is free software; you can redistribute it and/or > + modify it under the terms of the GNU Lesser General Public > + License as published by the Free Software Foundation; either > + version 2.1 of the License, or (at your option) any later version. > + > + The GNU C Library is distributed in the hope that it will be useful, > + but WITHOUT ANY WARRANTY; without even the implied warranty of > + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > + Lesser General Public License for more details. > + > + You should have received a copy of the GNU Lesser General Public > + License along with the GNU C Library; if not, see > + . */ > + > +#include > +#include > +#include > +#include > +#include > +#include > + > +/* Reference implementation based on other building blocks. */ > +static int > +reference_length (const unsigned char *p, const unsigned char *eom) > +{ > + unsigned char buf[NS_MAXCDNAME]; > + int n = __ns_name_unpack (p, eom, p, buf, sizeof (buf)); > + if (n < 0) > + return n; > + const unsigned char *q = buf; > + if (__ns_name_skip (&q, array_end (buf)) < 0) > + return -1; > + if (q - buf != n) > + /* Compressed name. */ > + return -1; > + return n; > +} > + > +static int > +do_test (void) > +{ > + { > + unsigned char buf[] = { 3, 'w', 'w', 'w', 0, 0, 0 }; > + TEST_COMPARE (reference_length (buf, array_end (buf)), sizeof (buf) - 2); > + TEST_COMPARE (__ns_name_length_uncompressed (buf, array_end (buf)), > + sizeof (buf) - 2); > + TEST_COMPARE (reference_length (array_end (buf) - 1, array_end (buf)), 1); > + TEST_COMPARE (__ns_name_length_uncompressed (array_end (buf) - 1, > + array_end (buf)), 1); > + buf[4] = 0xc0; /* Forward compression reference. */ > + buf[5] = 0x06; > + TEST_COMPARE (reference_length (buf, array_end (buf)), -1); > + TEST_COMPARE (__ns_name_length_uncompressed (buf, array_end (buf)), -1); > + } > + > + struct support_next_to_fault ntf = support_next_to_fault_allocate (300); > + > + /* Buffer region with all possible bytes at start and end. */ > + for (int length = 1; length <= 300; ++length) > + { > + unsigned char *end = (unsigned char *) ntf.buffer + ntf.length; > + unsigned char *start = end - length; > + memset (start, 'X', length); > + for (int first = 0; first <= 255; ++first) > + { > + *start = first; > + for (int last = 0; last <= 255; ++last) > + { > + start[length - 1] = last; > + TEST_COMPARE (reference_length (start, end), > + __ns_name_length_uncompressed (start, end)); > + } > + } > + } > + > + /* Poor man's fuzz testing: patch two bytes. */ > + { > + unsigned char ref[] = > + { > + 7, 'e', 'x', 'a', 'm', 'p', 'l', 'e', 3, 'n', 'e', 't', 0, 0, 0 > + }; > + TEST_COMPARE (reference_length (ref, array_end (ref)), 13); > + TEST_COMPARE (__ns_name_length_uncompressed (ref, array_end (ref)), 13); > + > + int good = 0; > + int bad = 0; > + for (int length = 1; length <= sizeof (ref); ++length) > + { > + unsigned char *end = (unsigned char *) ntf.buffer + ntf.length; > + unsigned char *start = end - length; > + memcpy (start, ref, length); > + > + for (int patch1_pos = 0; patch1_pos < length; ++patch1_pos) > + { > + for (int patch1_value = 0; patch1_value <= 255; ++patch1_value) > + { > + start[patch1_pos] = patch1_value; > + for (int patch2_pos = 0; patch2_pos < length; ++patch2_pos) > + { > + for (int patch2_value = 0; patch2_value <= 255; > + ++patch2_value) > + { > + start[patch2_pos] = patch2_value; > + int expected = reference_length (start, end); > + errno = EINVAL; > + int actual > + = __ns_name_length_uncompressed (start, end); > + if (actual > 0) > + ++good; > + else > + { > + TEST_COMPARE (errno, EMSGSIZE); > + ++bad; > + } > + TEST_COMPARE (expected, actual); > + } > + start[patch2_pos] = ref[patch2_pos]; > + } > + } > + start[patch1_pos] = ref[patch1_pos]; > + } > + } > + printf ("info: patched inputs with success: %d\n", good); > + printf ("info: patched inputs with failure: %d\n", bad); > + } > + > + support_next_to_fault_free (&ntf); > + return 0; > +} > + > +#include