Commit 20a22588 authored by Vladimír Čunát's avatar Vladimír Čunát Committed by Petr Špaček

nitpicks related to the CVE fix in parent commit

parent bef03dcf
......@@ -1626,8 +1626,11 @@ int worker_submit(struct session *session, knot_pkt_t *query)
return kr_error(ENOMEM);
}
} else if (query) { /* response from upstream */
task = session_tasklist_del_msgid(session, knot_wire_get_id(query->wire));
const uint16_t id = knot_wire_get_id(query->wire);
task = session_tasklist_del_msgid(session, id);
if (task == NULL) {
VERBOSE_MSG(NULL, "=> ignoring packet with mismatching ID %d\n",
(int)id);
return kr_error(ENOENT);
}
assert(!session_flags(session)->closing);
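Review bot: The new `VERBOSE_MSG(NULL, ...)` for a mismatching ID carries no session or peer context, so a burst of these lines cannot be attributed to a particular upstream. A response whose ID matches no outstanding task is what an off-path spoofing attempt looks like from the resolver's side. I would add the upstream address to the message if the session exposes it, and consider counting these drops in a statistic that is visible without verbose logging. Minor: `id` is a `uint16_t`, so `%u` with `(unsigned)id` reads more naturally than `%d` with `(int)id`. worker_submit starts and ends outside the hunk.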
......
......@@ -49,7 +49,12 @@
enum kr_layer_state {
KR_STATE_CONSUME = 1 << 0, /*!< Consume data. */
KR_STATE_PRODUCE = 1 << 1, /*!< Produce data. */
KR_STATE_DONE = 1 << 2, /*!< Finished successfully. */
/*! Finished successfully or a special case: in CONSUME phase this can
* be used (by iterator) to do a transition to PRODUCE phase again,
* in which case the packet wasn't accepted for some reason. */
KR_STATE_DONE = 1 << 2,
KR_STATE_FAIL = 1 << 3, /*!< Error. */
KR_STATE_YIELD = 1 << 4, /*!< Paused, waiting for a sub-query. */
};
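Review bot: The expanded comment on `KR_STATE_DONE` gives one value two meanings, "finished successfully" and "packet wasn't accepted, go back to PRODUCE", and does not say how a consumer tells them apart. A layer that tests for `KR_STATE_DONE` after the CONSUME phase and reads it as an accepted answer would presumably treat a rejected packet the same way; the call sites are not visible here, so this needs checking. I would at least add a line such as `* Consumers must not take DONE in CONSUME phase as proof that the packet was accepted.` and name the mechanism that distinguishes the two cases.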
......
......@@ -85,9 +85,11 @@ static bool is_paired_to_query(const knot_pkt_t *answer, struct kr_query *query)
/* ID should already match, thanks to session_tasklist_del_msgid()
* in worker_submit(), but it won't hurt to check again. */
return query->id == knot_wire_get_id(answer->wire) &&
knot_wire_get_qdcount(answer->wire) > 0 &&
knot_wire_get_qdcount(answer->wire) == 1 &&
query->sclass == knot_pkt_qclass(answer) &&
qtype == knot_pkt_qtype(answer) &&
/* qry->secret had been xor-applied to answer already,
* so this also checks for correctness of case randomization */
knot_dname_is_equal(qname, knot_pkt_qname(answer));
}
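Review bot: The added comment refers to `qry->secret`, but the parameter in this function's signature is `query`, so `query->secret` would match. The claim that the name comparison also validates case randomization holds only while `knot_dname_is_equal()` compares the names byte for byte. It is worth saying so, e.g. `* so this byte-exact (case-sensitive) comparison also checks case randomization */`, so that a later switch to a case-insensitive comparison does not silently drop the check. The function body begins outside the hunk, where `qname` and `qtype` are set up.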
......
......@@ -150,6 +150,8 @@ static void randomized_qname_case(knot_dname_t * restrict qname, uint32_t secret
assert(qname);
const int len = knot_dname_size(qname) - 2; /* Skip first, last label. */
for (int i = 0; i < len; ++i) {
/* Note: this relies on the fact that correct label lengths
* can't pass the isletter() test (by "luck"). */
if (isletter(*++qname)) {
*qname ^= ((secret >> (i & 31)) & 1) * 0x20;
}
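Review bot: The new comment says label-length bytes fail `isletter()` "by luck" without giving the reason, so the next reader cannot verify the invariant. If `isletter()` (defined outside the hunk) accepts only ASCII letters, the reason is that a label length is at most 63 (0x3F), which is below 'A' (0x41). I would state that directly, e.g. `/* Label-length octets are <= 63 (0x3F) < 'A' (0x41), so isletter() never matches them. */`. The loop and the function end outside the hunk.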
......