[svn] commit: r1331 - in /trunk/src/lib/dns: rdata.h rdata/generic/nsec3_50.cc rdata/generic/nsec_47.cc tests/rdata_nsec3_unittest.cc tests/rdata_nsec_unittest.cc tests/testdata/rdata_nsec3_fromWire3

BIND 10 source code commits bind10-changes at lists.isc.org
Thu Mar 11 21:04:06 UTC 2010


Author: each
Date: Thu Mar 11 21:04:06 2010
New Revision: 1331

Log:
Added code to NSEC and NSEC3 from-wire constructors to throw exceptions
if the type bitmaps are invalid.  Also added unit tests.

Added:
    trunk/src/lib/dns/tests/testdata/rdata_nsec3_fromWire3
Modified:
    trunk/src/lib/dns/rdata.h
    trunk/src/lib/dns/rdata/generic/nsec3_50.cc
    trunk/src/lib/dns/rdata/generic/nsec_47.cc
    trunk/src/lib/dns/tests/rdata_nsec3_unittest.cc
    trunk/src/lib/dns/tests/rdata_nsec_unittest.cc

Modified: trunk/src/lib/dns/rdata.h
==============================================================================
--- trunk/src/lib/dns/rdata.h (original)
+++ trunk/src/lib/dns/rdata.h Thu Mar 11 21:04:06 2010
@@ -53,6 +53,17 @@
     InvalidRdataText(const char* file, size_t line, const char* what) :
         isc::Exception(file, line, what) {}
 };
+
+///
+/// \brief A standard DNS module exception that is thrown if wire format
+/// RDTA is invalid
+///
+class InvalidRdata : public Exception {
+public:
+    InvalidRdata(const char* file, size_t line, const char* what) :
+        isc::Exception(file, line, what) {}
+};
+
 
 ///
 /// \brief A standard DNS module exception that is thrown if RDATA parser
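Review bot: The Doxygen brief on the new `InvalidRdata` class misspells RDATA as "RDTA", which will show up in the generated API docs. I would write it as `/// \brief A standard DNS module exception that is thrown if wire format RDATA is invalid`. It would also help to add one sentence on how it differs from `InvalidRdataLength`, since the NSEC3 constructor now throws both. The stray second blank line after the class can go.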

Modified: trunk/src/lib/dns/rdata/generic/nsec3_50.cc
==============================================================================
--- trunk/src/lib/dns/rdata/generic/nsec3_50.cc (original)
+++ trunk/src/lib/dns/rdata/generic/nsec3_50.cc Thu Mar 11 21:04:06 2010
@@ -164,10 +164,20 @@
         isc_throw(InvalidRdataLength, "NSEC3 type bitmap too short");
     }
 
-    // FIXIT: we cannot naively copy the data because the bitmaps have
-    // semantics and other part of this class assumes they are valid.
     vector<uint8_t> typebits(rdata_len);
     buffer.readData(&typebits[0], rdata_len);
+
+    int len = 0;
+    for (int i = 0; i < typebits.size(); i += len) {
+        if (i + 2 > typebits.size()) {
+            isc_throw(InvalidRdata, "Bad NSEC3 typebits");
+        }
+        len = typebits[i + 1];
+        if (len > 31) {
+            isc_throw(InvalidRdata, "Bad NSEC3 typebits");
+        }
+        i += 2;
+    }
 
     impl_ = new NSEC3Impl(hashalg, flags, iterations, salt, next, typebits);
 }
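Review bot: The new loop never checks that the declared bitmap length fits in the remaining data: after `len = typebits[i + 1]` it only tests `len > 31`, so a final window whose length octet points past the end of `typebits` leaves the loop with `i` beyond `size()` and is accepted. The removed FIXIT says other parts of the class assume the bitmaps are valid, so such a record presumably causes out-of-range reads wherever the windows are walked later (that code is not visible here). The bound also disagrees with RFC 4034 section 4.1.2, which allows bitmap lengths from 1 to 32: `len > 31` rejects a legal 32-octet bitmap, while a zero length passes. Comparing `int i` with `typebits.size()` mixes signed and unsigned; the unsigned form below avoids that and cannot wrap, because each subtraction is guarded by the check before it. The identical loop added to nsec_47.cc needs the same change, and the constructor itself starts outside this hunk.

```cpp
    // … unchanged: typebits is filled from the buffer …
    const size_t total = typebits.size();
    size_t i = 0;
    while (i < total) {
        // Each window needs at least its block-number and length octets.
        if (total - i < 2) {
            isc_throw(InvalidRdata, "Bad NSEC3 typebits");
        }
        const size_t len = typebits[i + 1];
        // Bitmap length must be 1..32 and must fit in what is left.
        if (len < 1 || len > 32 || len > total - i - 2) {
            isc_throw(InvalidRdata, "Bad NSEC3 typebits");
        }
        i += 2 + len;
    }
```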

Modified: trunk/src/lib/dns/rdata/generic/nsec_47.cc
==============================================================================
--- trunk/src/lib/dns/rdata/generic/nsec_47.cc (original)
+++ trunk/src/lib/dns/rdata/generic/nsec_47.cc Thu Mar 11 21:04:06 2010
@@ -104,10 +104,20 @@
     }
     rdata_len -= (buffer.getPosition() - pos);
 
-    // FIXIT: we cannot naively copy the data because the bitmaps have
-    // semantics and other part of this class assumes they are valid.
     vector<uint8_t> typebits(rdata_len);
     buffer.readData(&typebits[0], rdata_len);
+
+    int len = 0;
+    for (int i = 0; i < typebits.size(); i += len) {
+        if (i + 2 > typebits.size()) {
+            isc_throw(InvalidRdata, "Bad NSEC typebits");
+        }
+        len = typebits[i + 1];
+        if (len > 31) {
+            isc_throw(InvalidRdata, "Bad NSEC typebits");
+        }
+        i += 2;
+    }
 
     impl_ = new NSECImpl(nextname, typebits);
 }
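Review bot: This validation loop is a line-for-line copy of the one added to nsec3_50.cc, differing only in the message text, so every correction to the bitmap check has to be made in two places. A single helper that takes the `typebits` vector and the record name for the message, called from both from-wire constructors, would keep NSEC and NSEC3 parsing in step. A short comment above the check naming the wire layout it enforces, e.g. `// each window: block number, bitmap length (1..32), bitmap octets`, would replace the context lost with the removed FIXIT.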

Modified: trunk/src/lib/dns/tests/rdata_nsec3_unittest.cc
==============================================================================
--- trunk/src/lib/dns/tests/rdata_nsec3_unittest.cc (original)
+++ trunk/src/lib/dns/tests/rdata_nsec3_unittest.cc Thu Mar 11 21:04:06 2010
@@ -84,6 +84,11 @@
     EXPECT_THROW(rdataFactoryFromFile(RRType::NSEC3(), RRClass::IN(),
                                       "testdata/rdata_nsec3_fromWire2"),
                  InvalidRdataLength);
+
+    // Invalid type bits
+    EXPECT_THROW(rdataFactoryFromFile(RRType::NSEC3(), RRClass::IN(),
+                                      "testdata/rdata_nsec3_fromWire3"),
+                 InvalidRdata);
 }
 
 TEST_F(Rdata_NSEC3_Test, toWireRenderer)
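Review bot: The added case loads a single malformed file, `testdata/rdata_nsec3_fromWire3`, whose bytes are not shown in this commit mail, so it is unclear which of the two new rejection branches it reaches. Boundary cases that deserve their own test data are a bitmap length of 32 (legal per RFC 4034 and expected to parse), a length of 0, a lone trailing octet, and a last window whose length exceeds the remaining RDATA. The same applies to the NSEC test in rdata_nsec_unittest.cc, where `rdata_nsec_fromWire3` is now expected to throw `InvalidRdata`. A comment per case stating what is wrong with the data, e.g. `// bitmap length octet larger than remaining RDATA`, would make the intent checkable; the test body begins outside this hunk.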

Modified: trunk/src/lib/dns/tests/rdata_nsec_unittest.cc
==============================================================================
--- trunk/src/lib/dns/tests/rdata_nsec_unittest.cc (original)
+++ trunk/src/lib/dns/tests/rdata_nsec_unittest.cc Thu Mar 11 21:04:06 2010
@@ -66,9 +66,9 @@
                                       "testdata/rdata_nsec_fromWire2"),
                  InvalidRdataLength);
 
-    // This should be rejected
-    //rdataFactoryFromFile(RRType::NSEC(), RRClass::IN(),
-    //                   "testdata/rdata_nsec_fromWire3")->toText();
+    EXPECT_THROW(rdataFactoryFromFile(RRType::NSEC(), RRClass::IN(),
+                       "testdata/rdata_nsec_fromWire3"),
+                 InvalidRdata);
 }
 
 TEST_F(Rdata_NSEC_Test, toWireRenderer_NSEC)



