diff options
| author | Bob Halley <halley@dnspython.org> | 2021-11-16 07:17:02 -0800 |
|---|---|---|
| committer | Bob Halley <halley@dnspython.org> | 2021-11-16 07:17:02 -0800 |
| commit | e35de75ae3df365055f62f787b3cbe4ba25364cc (patch) | |
| tree | 0e2ee43a72922a81b19f71b0583b368f8f9353f0 | |
| parent | 3d51bf062fc4ef245abc066dead6d3ec0f976459 (diff) | |
| download | dnspython-e35de75ae3df365055f62f787b3cbe4ba25364cc.tar.gz | |
Do not impose 2**31-1 bounds on TTL-like things; impose 2**32-1.
| -rw-r--r-- | dns/ttl.py | 10 | ||||
| -rw-r--r-- | tests/test_bugs.py | 5 | ||||
| -rw-r--r-- | tests/test_message.py | 14 | ||||
| -rw-r--r-- | tests/test_transaction.py | 2 |
4 files changed, 15 insertions, 16 deletions
@@ -19,7 +19,13 @@ import dns.exception -MAX_TTL = 2147483647 +# Technically TTLs are supposed to be between 0 and 2**31 - 1, with values +# greater than that interpreted as 0, but we do not impose this policy here +# as values > 2**31 - 1 occur in real world data. +# +# We leave it to applications to impose tighter bounds if desired. +MAX_TTL = 2**32 - 1 + class BadTTL(dns.exception.SyntaxError): """DNS TTL value is not well-formed.""" @@ -71,7 +77,7 @@ def from_text(text): if not current == 0: raise BadTTL("trailing integer") if total < 0 or total > MAX_TTL: - raise BadTTL("TTL should be between 0 and 2^31 - 1 (inclusive)") + raise BadTTL("TTL should be between 0 and 2**32 - 1 (inclusive)") return total diff --git a/tests/test_bugs.py b/tests/test_bugs.py index b9636a6..3080e50 100644 --- a/tests/test_bugs.py +++ b/tests/test_bugs.py @@ -42,11 +42,6 @@ class BugsTestCase(unittest.TestCase): u"a b 100 1 60 3600 86400") self.assertEqual(rdata1, rdata2) - def test_TTL_bounds_check(self): - def bad(): - dns.ttl.from_text("2147483648") - self.assertRaises(dns.ttl.BadTTL, bad) - def test_empty_NSEC3_window(self): rdata = dns.rdata.from_text(dns.rdataclass.IN, dns.rdatatype.NSEC3, u"1 0 100 ABCD SCBCQHKU35969L2A68P3AD59LHF30715") diff --git a/tests/test_message.py b/tests/test_message.py index ad30298..ff9f550 100644 --- a/tests/test_message.py +++ b/tests/test_message.py @@ -690,7 +690,7 @@ flags QR m = dns.message.from_wire(goodwire) self.assertIsInstance(m.flags, dns.flags.Flag) self.assertEqual(m.flags, dns.flags.Flag.RD) - + def test_continue_on_error(self): good_message = dns.message.from_text( """id 1234 @@ -700,7 +700,7 @@ flags QR AA RD ;QUESTION www.dnspython.org. IN SOA ;ANSWER -www.dnspython.org. 300 IN SOA . . 1 2 3 4 5 +www.dnspython.org. 300 IN SOA . . 1 2 3 4 4294967295 www.dnspython.org. 300 IN A 1.2.3.4 www.dnspython.org. 300 IN AAAA ::1 """) @@ -709,15 +709,12 @@ www.dnspython.org. 300 IN AAAA ::1 bad_wire = wire[:6] + b'\x00\xff' + wire[8:] # change AAAA into rdata with rdlen 0 bad_wire = bad_wire[:-18] + b'\x00' * 2 - # change SOA MINIMUM field to 0xffffffff (too large) - bad_wire = bad_wire.replace(b'\x00\x00\x00\x05', b'\xff' * 4) m = dns.message.from_wire(bad_wire, continue_on_error=True) - self.assertEqual(len(m.errors), 3) + self.assertEqual(len(m.errors), 2) print(m.errors) - self.assertEqual(str(m.errors[0].exception), 'value too large') - self.assertEqual(str(m.errors[1].exception), + self.assertEqual(str(m.errors[0].exception), 'IPv6 addresses are 16 bytes long') - self.assertEqual(str(m.errors[2].exception), + self.assertEqual(str(m.errors[1].exception), 'DNS message is malformed.') expected_message = dns.message.from_text( """id 1234 @@ -727,6 +724,7 @@ flags QR AA RD ;QUESTION www.dnspython.org. IN SOA ;ANSWER +www.dnspython.org. 300 IN SOA . . 1 2 3 4 4294967295 www.dnspython.org. 300 IN A 1.2.3.4 """) self.assertEqual(m, expected_message) diff --git a/tests/test_transaction.py b/tests/test_transaction.py index 9ac9f56..85aa986 100644 --- a/tests/test_transaction.py +++ b/tests/test_transaction.py @@ -209,7 +209,7 @@ def test_bad_parameters(db): with pytest.raises(ValueError): foo = dns.name.from_text('foo', None) rdata = dns.rdata.from_text('in', 'a', '10.0.0.3') - txn.add(foo, 0x80000000, rdata) + txn.add(foo, 0x100000000, rdata) with pytest.raises(TypeError): txn.add(foo) with pytest.raises(TypeError): |