diff options
author | Michael Wallner <mike@php.net> | 2018-02-05 09:04:07 +0100 |
---|---|---|
committer | Michael Wallner <mike@php.net> | 2018-02-05 09:04:07 +0100 |
commit | 42f2ae0572e61da94246c910ec0cf1eddd221cd1 (patch) | |
tree | afef575d4d45d835e530d236219047a684bc7509 /ext/standard | |
parent | a694433bffb766be57bcbe203113160e42453357 (diff) | |
download | php-git-42f2ae0572e61da94246c910ec0cf1eddd221cd1.tar.gz |
fix bug #75916 DNS_CAA record results contain garbage
It is assumed that DNS_CAA record values are zero terminated,
while its length is defined as (RDATA_LENGTH - tag_length - 2).
Diffstat (limited to 'ext/standard')
-rw-r--r-- | ext/standard/dns.c | 5 | ||||
-rw-r--r-- | ext/standard/tests/network/dns_get_record_caa.phpt | 41 |
2 files changed, 28 insertions, 18 deletions
diff --git a/ext/standard/dns.c b/ext/standard/dns.c index c476a1c013..8e102f816f 100644 --- a/ext/standard/dns.c +++ b/ext/standard/dns.c @@ -549,7 +549,10 @@ static u_char *php_parserr(u_char *cp, u_char *end, querybuf *answer, int type_t CHECKCP(n); add_assoc_stringl(subarray, "tag", (char*)cp, n); cp += n; - add_assoc_string(subarray, "value", (char*)cp); + n = dlen - n - 2; + CHECKCP(n); + add_assoc_stringl(subarray, "value", (char*)cp, n); + cp += n; break; case DNS_T_TXT: { diff --git a/ext/standard/tests/network/dns_get_record_caa.phpt b/ext/standard/tests/network/dns_get_record_caa.phpt index 121bb92ae7..21286921e1 100644 --- a/ext/standard/tests/network/dns_get_record_caa.phpt +++ b/ext/standard/tests/network/dns_get_record_caa.phpt @@ -7,25 +7,32 @@ if (getenv("SKIP_ONLINE_TESTS")) die("skip online test"); ?> --FILE-- <?php -/* This must be a domain that publishes an RFC6844 CAA-type DNS record */ -$domain = 'google.com'; -$match = false; -$dns = dns_get_record($domain, DNS_CAA); -if (count($dns) > 0) { - if (array_key_exists('type', $dns[0]) - and $dns[0]['type'] == 'CAA' - and array_key_exists('flags', $dns[0]) - and array_key_exists('tag', $dns[0]) - and array_key_exists('value', $dns[0]) - ) { - $match = true; +/* This must be domains which publish an RFC6844 CAA-type DNS record */ +$domains = ["big.basic.caatestsuite.com", "google.com"]; +foreach ($domains as $domain) { + $match = false; + $dns = dns_get_record($domain, DNS_CAA); + if (count($dns) > 0) { + if (array_key_exists("type", $dns[0]) + and $dns[0]["type"] == "CAA" + and array_key_exists("flags", $dns[0]) + and array_key_exists("tag", $dns[0]) + and array_key_exists("value", $dns[0]) + ) { + $chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-."; + if (strlen($dns[0]["value"]) == strspn($dns[0]["value"], $chars)) { + $match = true; + } + } + } + if ($match) { + echo "CAA record found\n"; + } else { + echo "CAA lookup failed\n"; + var_dump($dns); } -} -if ($match) { - echo "CAA record found\n"; -} else { - echo "CAA Lookup failed\n"; } ?> --EXPECT-- CAA record found +CAA record found |