Commit 319e600f authored by Daniel Salzman's avatar Daniel Salzman

zscanner: split long TXT/SPF strings into more substrings with length <= 255 chars.

parent 40857cc7
This diff is collapsed.
This source diff could not be displayed because it is too large. You can view the blob instead.
......@@ -138,6 +138,8 @@ struct scanner {
apl_t apl;
/*! Auxiliary loc structure. */
loc_t loc;
/*! Allow text strings longer than 255 characters. */
bool long_string;
/*! Pointer to the actual dname storage (origin/owner/rdata). */
uint8_t *dname;
......
......@@ -213,7 +213,12 @@
# BEGIN - Common r_data item processing
action _item_length_init {
s->item_length_location = rdata_tail++;
if (rdata_tail <= rdata_stop) {
s->item_length_location = rdata_tail++;
} else {
WARN(ZS_RDATA_OVERFLOW);
fhold; fgoto err_line;
}
}
action _item_length_exit {
s->item_length = rdata_tail - s->item_length_location - 1;
......@@ -502,6 +507,15 @@
# BEGIN - Text processing
action _text_char {
if (rdata_tail <= rdata_stop) {
// Split long string.
if (s->long_string &&
rdata_tail - s->item_length_location == 1 + MAX_ITEM_LENGTH) {
// _item_length_exit equivalent.
*(s->item_length_location) = MAX_ITEM_LENGTH;
// _item_length_init equivalent.
s->item_length_location = rdata_tail++;
}
*(rdata_tail++) = fc;
} else {
WARN(ZS_TEXT_OVERFLOW);
......@@ -519,6 +533,15 @@
action _text_dec_init {
if (rdata_tail <= rdata_stop) {
// Split long string.
if (s->long_string &&
rdata_tail - s->item_length_location == 1 + MAX_ITEM_LENGTH) {
// _item_length_exit equivalent.
*(s->item_length_location) = MAX_ITEM_LENGTH;
// _item_length_init equivalent.
s->item_length_location = rdata_tail++;
}
*rdata_tail = 0;
s->item_length++;
} else {
......@@ -569,8 +592,17 @@
# Text string with forward 1-byte length.
text_string = text >_item_length_init %_item_length_exit;
action _text_array_init {
s->long_string = true;
}
action _text_array_exit {
s->long_string = false;
}
# Text string array as one rdata item.
text_array = (text_string . (sep . text_string)* . sep?);
text_array =
( (text_string . (sep . text_string)* . sep?)
) >_text_array_init %_text_array_exit $!_text_array_exit;
# END
# BEGIN - TTL directive processing
......
......@@ -24,6 +24,8 @@ second"
third ; Second string
)
@ TXT "abcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNabcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNabcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNabcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNabcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMN1234\053" ; Text string of maximal length (255 chars)
@ TXT "abcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNabcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNabcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNabcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNabcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMN1234\0536" ; Minimum overflowed text string which should be divided into two strings.
@ TXT "abcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNabcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNabcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNabcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNabcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMN1234\053\054" ; Minimum overflowed text string which should be divided into two strings (decimal version).
@ txt "" ; Type in lower-case
; KO
......@@ -33,4 +35,3 @@ third ; Second string
@ TXT \01 ; Missing digit in decimal notation
@ TXT \256 ; 8bit overflow in decimal notation
@ TXT """ ; '"' char without forward slash
@ TXT "abcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNabcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNabcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNabcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNabcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMN1234\0536" ; Maximal length overflow
......@@ -110,6 +110,18 @@ OWNER=00
CLASS=0001
RRTTL=00000001
RTYPE=0010
RDATA=FF6162636465666768696A6B6C6D6E6F707172737475767778797A313233343536373839304142434445464748494A4B4C4D4E6162636465666768696A6B6C6D6E6F707172737475767778797A313233343536373839304142434445464748494A4B4C4D4E6162636465666768696A6B6C6D6E6F707172737475767778797A313233343536373839304142434445464748494A4B4C4D4E6162636465666768696A6B6C6D6E6F707172737475767778797A313233343536373839304142434445464748494A4B4C4D4E6162636465666768696A6B6C6D6E6F707172737475767778797A313233343536373839304142434445464748494A4B4C4D4E31323334350136
------
OWNER=00
CLASS=0001
RRTTL=00000001
RTYPE=0010
RDATA=FF6162636465666768696A6B6C6D6E6F707172737475767778797A313233343536373839304142434445464748494A4B4C4D4E6162636465666768696A6B6C6D6E6F707172737475767778797A313233343536373839304142434445464748494A4B4C4D4E6162636465666768696A6B6C6D6E6F707172737475767778797A313233343536373839304142434445464748494A4B4C4D4E6162636465666768696A6B6C6D6E6F707172737475767778797A313233343536373839304142434445464748494A4B4C4D4E6162636465666768696A6B6C6D6E6F707172737475767778797A313233343536373839304142434445464748494A4B4C4D4E31323334350136
------
OWNER=00
CLASS=0001
RRTTL=00000001
RTYPE=0010
RDATA=00
------
WARNG=ZS_BAD_RDATA
......@@ -124,5 +136,3 @@ WARNG=ZS_NUMBER8_OVERFLOW
------
WARNG=ZS_BAD_TEXT
------
WARNG=ZS_ITEM_OVERFLOW
------
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment