diff options
| -rw-r--r-- | src/dns.c | 14 | ||||
| -rw-r--r-- | tests/dns.c | 11 |
2 files changed, 20 insertions, 5 deletions
@@ -210,8 +210,10 @@ int fqdn_to_qname( char* _source, int _sourcelen, char* _sink ,int _sinklen ) _sink[i+1] = _source[i]; } - if( _source[i] ) /* _source not terminated, thus no valid string */ + if( _source[i] ) { + _sink[0] = 0; /* ensure _sink is terminated */ return -1; + } for (o = 0; o < i; o++) { if( _sink[o] == '.') { @@ -239,6 +241,7 @@ int qname_to_fqdn( char* _source, int _sourcelen, char* _sink, int _sinklen ) for(i = 1; i < (unsigned)_sourcelen; i++) { if( i > (unsigned)_sinklen){ /* Output too small. Not >= bc sink[i-1] is used */ + _sink[0] = 0; /* ensure _sink is terminated */ return -1; } if ( !_source[i] ) { @@ -263,9 +266,7 @@ int qname_check( char* _source, int _sourcelen ) if (!_sourcelen) return -1; - /* TODO questionable control flow */ - /* TODO add ASCII prrintable check */ for (i = 0; i < _sourcelen; i++) { if ( i == next_dot ) { if (_source[i]) { /* Not last dot */ @@ -275,6 +276,13 @@ int qname_check( char* _source, int _sourcelen ) } } else if (!_source[i]) { /* Unexpected \0 */ return -1; + } else if ( + !(_source[i]>='0' && _source[i]<='9') && + !(_source[i]>='A' && _source[i]<='Z') && + !(_source[i]>='a' && _source[i]<='z') && + !(_source[i]== '-') && !(_source[i]=='_') + ) { + return -1; } } diff --git a/tests/dns.c b/tests/dns.c index e75f209..a282b8b 100644 --- a/tests/dns.c +++ b/tests/dns.c @@ -11,12 +11,19 @@ START_TEST (dns_qname) { char in[128]; char out[128]; + char* fqdn = "sub.domain.example.com"; + char* inval_fqdn = "is!this.domain.invalid?"; - strncpy ( in, "sub.domain.example.com\0", 127); + strncpy ( in, fqdn , 127); ck_assert_int_gt( fqdn_to_qname (in,128,out,128), 0 ); - ck_assert_int_ge( qname_check(out,128), 0 ); + ck_assert_int_ge( qname_check (out,128), 0 ); ck_assert_int_gt( qname_to_fqdn (out,128,in,128), 0); + ck_assert_str_eq( in, fqdn ); + + /* Check for working invalid protection */ + ck_assert_int_gt( fqdn_to_qname (inval_fqdn,strlen(inval_fqdn),out,128), 0 ); + ck_assert_int_lt( qname_check(out,128), 0 ); } END_TEST START_TEST (dns_qname_fuzz) { |