diff options
author | Steinar H. Gunderson <sesse@google.com> | 2007-09-29 13:58:23 +0000 |
---|---|---|
committer | Steinar H. Gunderson <sesse@google.com> | 2007-09-29 13:58:23 +0000 |
commit | 46f32200976db43589680f770b1c5d056365d4f1 (patch) | |
tree | 169e15e203a7f0b9d7cd8b643f64ef5d2f477fb1 /ares_mkquery.c | |
parent | 22c2794e764e6a40f28d997a495714b5e6369758 (diff) | |
download | c-ares-46f32200976db43589680f770b1c5d056365d4f1.tar.gz c-ares-46f32200976db43589680f770b1c5d056365d4f1.tar.bz2 c-ares-46f32200976db43589680f770b1c5d056365d4f1.zip |
Reject names that are longer than 255 characters, to avoid problems with strict or buggy DNS server implementations. (Patch from the Google tree)
Diffstat (limited to 'ares_mkquery.c')
-rw-r--r-- | ares_mkquery.c | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/ares_mkquery.c b/ares_mkquery.c index 9c84446..919ddf3 100644 --- a/ares_mkquery.c +++ b/ares_mkquery.c @@ -108,6 +108,23 @@ int ares_mkquery(const char *name, int dnsclass, int type, unsigned short id, if (*name && *(p - 1) != '.') len++; + /* Immediately reject names that are longer than the maximum of 255 + * bytes that's specified in RFC 1035 ("To simplify implementations, + * the total length of a domain name (i.e., label octets and label + * length octets) is restricted to 255 octets or less."). We aren't + * doing this just to be a stickler about RFCs. For names that are + * too long, 'dnscache' closes its TCP connection to us immediately + * (when using TCP) and ignores the request when using UDP, and + * BIND's named returns ServFail (TCP or UDP). Sending a request + * that we know will cause 'dnscache' to close the TCP connection is + * painful, since that makes any other outstanding requests on that + * connection fail. And sending a UDP request that we know + * 'dnscache' will ignore is bad because resources will be tied up + * until we time-out the request. + */ + if (len > MAXCDNAME) + return ARES_EBADNAME; + *buflen = len + HFIXEDSZ + QFIXEDSZ; *buf = malloc(*buflen); if (!*buf) |