Skip to content

Commit 4eb6c87

Browse files
jukkarjukkar
committed
tests: net: dns: packet: Add test case for compression bit in CNAME
Add checks that we will be able to catch invalid compression bit in response CNAME handling. Signed-off-by: Jukka Rissanen <[email protected]>
1 parent 9614047 commit 4eb6c87

File tree

1 file changed

+162
-0
lines changed
  • tests/net/lib/dns_packet/src

1 file changed

+162
-0
lines changed

tests/net/lib/dns_packet/src/main.c

Lines changed: 162 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1372,6 +1372,168 @@ ZTEST(dns_packet, test_dns_recursive_query)
13721372
net_buf_unref(dns_cname);
13731373
}
13741374

1375+
static uint8_t invalid_compression_response_ipv4[] = {
1376+
/* DNS msg header (12 bytes) */
1377+
0x74, 0xe1, 0x81, 0x80, 0x00, 0x01, 0x00, 0x01,
1378+
0x00, 0x00, 0x00, 0x00,
1379+
1380+
/* Query string */
1381+
0x0e, 0x77, 0x65, 0x73, 0x74, 0x75, 0x73, 0x32,
1382+
0x2d, 0x70, 0x72, 0x6f, 0x64, 0x2d, 0x32, 0x0d,
1383+
0x6e, 0x6f, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61,
1384+
0x74, 0x69, 0x6f, 0x6e, 0x73, 0x05, 0x74, 0x65,
1385+
0x61, 0x6d, 0x73, 0x09, 0x6d, 0x69, 0x63, 0x72,
1386+
0x6f, 0x73, 0x6f, 0x66, 0x74, 0x03, 0x63, 0x6f,
1387+
0x6d, 0x00,
1388+
1389+
/* Type */
1390+
0x00, 0x01,
1391+
1392+
/* Class */
1393+
0x00, 0x01,
1394+
1395+
/* Answer 1 */
1396+
0xb0, 0x0c, /* <--- invalid compression pointer */
1397+
1398+
/* Answer type (cname) */
1399+
0x00, 0x05,
1400+
1401+
/* Class */
1402+
0x00, 0x01,
1403+
1404+
/* TTL */
1405+
0x00, 0x00, 0x00, 0x04,
1406+
1407+
/* RR data length */
1408+
0x00, 0x02,
1409+
1410+
/* Data */
1411+
0xc0, 0x0c,
1412+
};
1413+
1414+
ZTEST(dns_packet, test_dns_invalid_compress_bits)
1415+
{
1416+
static const uint8_t query[] = {
1417+
/* Query string */
1418+
0x0e, 0x77, 0x65, 0x73, 0x74, 0x75, 0x73, 0x32,
1419+
0x2d, 0x70, 0x72, 0x6f, 0x64, 0x2d, 0x32, 0x0d,
1420+
0x6e, 0x6f, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61,
1421+
0x74, 0x69, 0x6f, 0x6e, 0x73, 0x05, 0x74, 0x65,
1422+
0x61, 0x6d, 0x73, 0x09, 0x6d, 0x69, 0x63, 0x72,
1423+
0x6f, 0x73, 0x6f, 0x66, 0x74, 0x03, 0x63, 0x6f,
1424+
0x6d, 0x00,
1425+
1426+
/* Type */
1427+
0x00, 0x01,
1428+
};
1429+
struct dns_msg_t dns_msg = { 0 };
1430+
uint16_t dns_id = 0;
1431+
int query_idx = -1;
1432+
uint16_t query_hash = 0;
1433+
struct net_buf *dns_cname;
1434+
int ret;
1435+
1436+
dns_cname = net_buf_alloc(&dns_qname_pool_for_test, dns_ctx.buf_timeout);
1437+
zassert_not_null(dns_cname, "Out of mem");
1438+
1439+
dns_msg.msg = invalid_compression_response_ipv4;
1440+
dns_msg.msg_size = sizeof(invalid_compression_response_ipv4);
1441+
1442+
dns_id = dns_unpack_header_id(dns_msg.msg);
1443+
1444+
setup_dns_context(&dns_ctx, 0, dns_id, query, sizeof(query),
1445+
DNS_QUERY_TYPE_A);
1446+
1447+
ret = dns_validate_msg(&dns_ctx, &dns_msg, &dns_id, &query_idx,
1448+
dns_cname, &query_hash);
1449+
zassert_true(ret == DNS_EAI_SYSTEM && errno == EINVAL,
1450+
"[%s] DNS message was valid (%d / %d)",
1451+
"invalid compression rsp", ret, errno);
1452+
1453+
net_buf_unref(dns_cname);
1454+
}
1455+
1456+
static uint8_t invalid_compression_response_cname_ipv4[] = {
1457+
/* DNS msg header (12 bytes) */
1458+
0x74, 0xe1, 0x81, 0x80, 0x00, 0x01, 0x00, 0x01,
1459+
0x00, 0x00, 0x00, 0x00,
1460+
1461+
/* Query string */
1462+
0x0e, 0x77, 0x65, 0x73, 0x74, 0x75, 0x73, 0x32,
1463+
0x2d, 0x70, 0x72, 0x6f, 0x64, 0x2d, 0x32, 0x0d,
1464+
0x6e, 0x6f, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61,
1465+
0x74, 0x69, 0x6f, 0x6e, 0x73, 0x05, 0x74, 0x65,
1466+
0x61, 0x6d, 0x73, 0x09, 0x6d, 0x69, 0x63, 0x72,
1467+
0x6f, 0x73, 0x6f, 0x66, 0x74, 0x03, 0x63, 0x6f,
1468+
0x6d, 0x00,
1469+
1470+
/* Type */
1471+
0x00, 0x01,
1472+
1473+
/* Class */
1474+
0x00, 0x01,
1475+
1476+
/* Answer 1 */
1477+
0xc0, 0x0c,
1478+
1479+
/* Answer type (cname) */
1480+
0x00, 0x05,
1481+
1482+
/* Class */
1483+
0x00, 0x01,
1484+
1485+
/* TTL */
1486+
0x00, 0x00, 0x00, 0x04,
1487+
1488+
/* RR data length */
1489+
0x00, 0x02,
1490+
1491+
/* Data */
1492+
0xb0, 0x0c, /* <--- invalid compression pointer */
1493+
};
1494+
1495+
ZTEST(dns_packet, test_dns_invalid_compress_bits_cname)
1496+
{
1497+
static const uint8_t query[] = {
1498+
/* Query string */
1499+
0x0e, 0x77, 0x65, 0x73, 0x74, 0x75, 0x73, 0x32,
1500+
0x2d, 0x70, 0x72, 0x6f, 0x64, 0x2d, 0x32, 0x0d,
1501+
0x6e, 0x6f, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61,
1502+
0x74, 0x69, 0x6f, 0x6e, 0x73, 0x05, 0x74, 0x65,
1503+
0x61, 0x6d, 0x73, 0x09, 0x6d, 0x69, 0x63, 0x72,
1504+
0x6f, 0x73, 0x6f, 0x66, 0x74, 0x03, 0x63, 0x6f,
1505+
0x6d, 0x00,
1506+
1507+
/* Type */
1508+
0x00, 0x01,
1509+
};
1510+
struct dns_msg_t dns_msg = { 0 };
1511+
uint16_t dns_id = 0;
1512+
int query_idx = -1;
1513+
uint16_t query_hash = 0;
1514+
struct net_buf *dns_cname;
1515+
int ret;
1516+
1517+
dns_cname = net_buf_alloc(&dns_qname_pool_for_test, dns_ctx.buf_timeout);
1518+
zassert_not_null(dns_cname, "Out of mem");
1519+
1520+
dns_msg.msg = invalid_compression_response_cname_ipv4;
1521+
dns_msg.msg_size = sizeof(invalid_compression_response_cname_ipv4);
1522+
1523+
dns_id = dns_unpack_header_id(dns_msg.msg);
1524+
1525+
setup_dns_context(&dns_ctx, 0, dns_id, query, sizeof(query),
1526+
DNS_QUERY_TYPE_A);
1527+
1528+
ret = dns_validate_msg(&dns_ctx, &dns_msg, &dns_id, &query_idx,
1529+
dns_cname, &query_hash);
1530+
zassert_true(ret == DNS_EAI_SYSTEM && errno == EINVAL,
1531+
"[%s] DNS message was valid (%d / %d)",
1532+
"invalid compression rsp", ret, errno);
1533+
1534+
net_buf_unref(dns_cname);
1535+
}
1536+
13751537
ZTEST_SUITE(dns_packet, NULL, NULL, NULL, NULL, NULL);
13761538
/* TODO:
13771539
* 1) add malformed DNS data (mostly done)

0 commit comments

Comments
 (0)