summaryrefslogtreecommitdiff
path: root/src/resolve/resolved-dns-rr.c
Commit message (Collapse)AuthorAgeFilesLines
* resolve: add missing assertionYu Watanabe2022-12-101-1/+2
|
* resolve: shorten code a bitYu Watanabe2022-12-101-4/+2
|
* resolve: drop recursion in TXT field handlingYu Watanabe2022-12-101-19/+13
| | | | Fixes #25683.
* resolve: optimize conversion of TXT fields to jsonYu Watanabe2022-12-091-17/+33
| | | | | | Fixes oss-fuzz#54080 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54080). Fixes #25654.
* resolve: format zero-length RDATA according to rfc3597Evgeny Vereshchagin2022-11-261-5/+8
| | | | | If the RDATA is of zero length, the text representation contains only the \# token and the single zero representing the length.
* resolved: remove inappropriate assert()Lennart Poettering2022-11-251-1/+0
| | | | | | | | | | | | | | | A NULL Bitmap object is by all our code considered identical to an empty bitmap. Hence let's remove the entirely unnecessary assert(). The assert() can be triggered if debug monitoring is used an an empty NSEC or NSEC3 RR is included in an answer resolved returns. it's not really a security issue since enabling debug monitoring is a manual step requiring root privileges, that is off by default. Moreover, it's a "clean" assert(), i.e. the worst that happens is tha a coredump is generated and resolved restarted. Fixes: #25449
* resolved: add generic formatters for RRs into JSONLennart Poettering2022-09-301-0/+242
| | | | | | For now we can use it to send broken-down records of JSON via the monitor logic, but one day we can certainly reuse for dumping the caches, or to implement a ResolveRecord() varlink call one day.
* resolved: split out helper for allocating DnsResourceRecord object from raw dataLennart Poettering2022-09-301-0/+17
| | | | No change in behaviour, just some refactoring.
* resolved: don't access sshfp fields from tlsa printerLennart Poettering2022-09-281-12/+5
|
* tree-wide: Use correct format specifiersJan Janssen2022-08-301-2/+2
| | | | gcc will complain about all these with -Wformat-signedness.
* resolved: add DNS_RESOURCE_KEY_REPLACEZbigniew Jędrzejewski-Szmek2022-05-121-7/+4
|
* resolved: add DNS_RR_REPLACEZbigniew Jędrzejewski-Szmek2022-05-121-3/+1
|
* tree-wide: add a space after if, switch, for, and whileYu Watanabe2022-04-011-2/+2
|
* list: declare iterator of LIST_FOREACH() in the loopYu Watanabe2022-03-191-4/+1
|
* tree-wide: voidify unchecked snprintf callsLuca Boccassi2021-08-201-4/+4
| | | | | | | | | | | | | | | According to Coverity, 194 ouf of 227 times we check for snprintf return code. Voidify the rest. CID#1461512 CID#1461513 CID#1461514 CID#1461515 CID#1461516 CID#1461518 CID#1461519 CID#1461520 CID#1461522
* alloc-util: make mfree() typesafeLennart Poettering2021-08-111-2/+3
| | | | | | Make sure we return the same type as we accept. One incorrect use of mfree() is discovered and fixed this way.
* resolved: do not try to copy empty NSEC types bitmapsAlexander Tsoy2021-06-291-6/+10
| | | | | | dns_resource_record_copy() assumes that NSEC types bitmap is non-empty which results in a null pointer dereference inside bitmap_copy() in some cases. Fix this by calling bitmap_copy() conditionally.
* resolved: inline iterator variable declarationsZbigniew Jędrzejewski-Szmek2021-05-141-3/+1
|
* resolved: use narrower types for label counts in rrZbigniew Jędrzejewski-Szmek2021-05-141-5/+5
| | | | Order will be adjusted later to remove holes.
* resolved: indent tables for readabilityZbigniew Jędrzejewski-Szmek2021-05-141-3/+3
| | | | | Some of the tables in resolved were already doing using this convention. This makes the rest of them do so too.
* resolved-dns-rr: drop unneeded bracesDavid Tardon2021-03-181-2/+1
|
* resolved-dns-rr: use already existing variableDavid Tardon2021-03-181-13/+7
|
* resolved-dns-rr: avoid unnecessary reassignmentDavid Tardon2021-03-181-7/+4
|
* resolved-dns-rr: don't leak s if base64_append failsDavid Tardon2021-03-181-3/+3
|
* resolved: tighten checks in dns_resource_record_get_cname_target()Lennart Poettering2021-03-061-0/+10
| | | | | | | | | Let's refuse to consider CNAME/DNAME replies matching for RR types where that is not really conceptually allow (i.e. on CNAME/DNAME lookups themselves). (And add a similar check to dns_resource_key_match_cname_or_dname() too, which implements a smilar match)
* tree-wide: use UINT64_MAX or friendsYu Watanabe2021-03-051-9/+9
|
* resolved: add dns_resource_record_get_cname_target() helperLennart Poettering2021-02-221-0/+42
| | | | | This determines the redirection target from a CNAME or DNAME RR given it matches some given RR key.
* tree-wide: use in_addr_is_set() or friendsYu Watanabe2021-02-181-1/+1
|
* answer: minor refactor – move link local check into RR codeLennart Poettering2021-02-141-0/+14
|
* resolve: slightly optimize dns_answer_add()Yu Watanabe2020-12-301-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, dns_answer_add() was O(n^2). With this change dns_packet_extract() becomes ~15 times faster for some extremal case. Before: ``` $ time ./fuzz-dns-packet ~/downloads/clusterfuzz-testcase-minimized-fuzz-dns-packet-5631106733047808 /home/watanabe/downloads/clusterfuzz-testcase-minimized-fuzz-dns-packet-5631106733047808... ok real 0m15.453s user 0m15.430s sys 0m0.007s ``` After: ``` $ time ./fuzz-dns-packet ~/downloads/clusterfuzz-testcase-minimized-fuzz-dns-packet-5631106733047808 /home/watanabe/downloads/clusterfuzz-testcase-minimized-fuzz-dns-packet-5631106733047808... ok real 0m0.831s user 0m0.824s sys 0m0.006s ``` Hopefully fixes oss-fuzz#19227. https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19227
* resolve: field size in dns resource record may be zeroYu Watanabe2020-12-301-10/+10
|
* resolve: do not compare key twiceYu Watanabe2020-12-301-1/+1
|
* resolve: slightly shorten dns_resource_key_compare_func()Yu Watanabe2020-12-301-12/+8
|
* license: LGPL-2.1+ -> LGPL-2.1-or-laterYu Watanabe2020-11-091-1/+1
|
* resolved: check return value of memdup() correctly for OOMLennart Poettering2020-11-031-1/+1
|
* resolved: use structured initialization everywhereLennart Poettering2020-10-281-10/+15
|
* tree-wide: define iterator inside of the macroZbigniew Jędrzejewski-Szmek2020-09-081-2/+1
|
* tree-wide: "unparseable" → "unparsable"Zbigniew Jędrzejewski-Szmek2020-07-021-9/+9
| | | | | "unparsable" is the more common spelling. We already pick "movable" over "moveable". Let's do the same with this pair.
* travis: turn on nonnull-attribute on FuzzitEvgeny Vereshchagin2019-06-151-1/+2
|
* resolve: split the RR comparison function in twoZbigniew Jędrzejewski-Szmek2019-03-041-10/+18
| | | | No functional change.
* resolve: drop unnecessary %n fields from dns_resource_record_to_string()Yu Watanabe2019-02-161-16/+8
| | | | | | And use returned value by asprintf() instead. This hopefully fixes #11733.
* resolve: reject host names with leading or trailing dashes in /etc/hostsZbigniew Jędrzejewski-Szmek2018-12-101-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | https://tools.ietf.org/html/rfc1035#section-2.3.1 says (approximately) that only letters, numbers, and non-leading non-trailing dashes are allowed (for entries with A/AAAA records). We set no restrictions. hosts(5) says: > Host names may contain only alphanumeric characters, minus signs ("-"), and > periods ("."). They must begin with an alphabetic character and end with an > alphanumeric character. nss-files follows those rules, and will ignore names in /etc/hosts that do not follow this rule. Let's follow the documented rules for /etc/hosts. In particular, this makes us consitent with nss-files, reducing surprises for the user. I'm pretty sure we should apply stricter filtering to names received over DNS and LLMNR and MDNS, but it's a bigger project, because the rules differ depepending on which level the label appears (rules for top-level names are stricter), and this patch takes the minimalistic approach and only changes behaviour for /etc/hosts. Escape syntax is also disallowed in /etc/hosts, even if the resulting character would be allowed. Other tools that parse /etc/hosts do not support this, and there is no need to use it because no allowed characters benefit from escaping.
* tree-wide: make hash_ops typesafeYu Watanabe2018-12-021-22/+10
|
* tree-wide: use DEFINE_TRIVIAL_REF_UNREF_FUNC() macro or friends where applicableYu Watanabe2018-08-271-20/+4
|
* resolve: use CMP() in dns_resource_record_compare_funcFilipe Brandenburger2018-08-061-4/+3
| | | | | This function doesn't really implement ordering, but CMP() is still fine to use there. Keep the comment in place, just update it slightly to indicate that.
* tree-wide: Convert compare_func's to use CMP() macro wherever possible.Filipe Brandenburger2018-08-061-8/+6
| | | | | | | | Looked for definitions of functions using the *_compare_func() suffix. Tested: - Unit tests passed (ninja -C build/ test) - Installed this build and booted with it.
* resolve: fix log messageYu Watanabe2018-06-201-1/+1
|
* tree-wide: remove Lennart's copyright linesLennart Poettering2018-06-141-3/+0
| | | | | | | | | | | These lines are generally out-of-date, incomplete and unnecessary. With SPDX and git repository much more accurate and fine grained information about licensing and authorship is available, hence let's drop the per-file copyright notice. Of course, removing copyright lines of others is problematic, hence this commit only removes my own lines and leaves all others untouched. It might be nicer if sooner or later those could go away too, making git the only and accurate source of authorship information.
* tree-wide: drop 'This file is part of systemd' blurbLennart Poettering2018-06-141-2/+0
| | | | | | | | | | | | | | | | This part of the copyright blurb stems from the GPL use recommendations: https://www.gnu.org/licenses/gpl-howto.en.html The concept appears to originate in times where version control was per file, instead of per tree, and was a way to glue the files together. Ultimately, we nowadays don't live in that world anymore, and this information is entirely useless anyway, as people are very welcome to copy these files into any projects they like, and they shouldn't have to change bits that are part of our copyright header for that. hence, let's just get rid of this old cruft, and shorten our codebase a bit.
* tree-wide: drop spurious newlines (#8764)Lennart Poettering2018-04-191-1/+0
| | | | | | | | Double newlines (i.e. one empty lines) are great to structure code. But let's avoid triple newlines (i.e. two empty lines), quadruple newlines, quintuple newlines, …, that's just spurious whitespace. It's an easy way to drop 121 lines of code, and keeps the coding style of our sources a bit tigther.
View Lorry Controller Status