1 /* dnsmasq is Copyright (c) 2000-2022 Simon Kelley
3 This program is free software; you can redistribute it and/or modify
4 it under the terms of the GNU General Public License as published by
5 the Free Software Foundation; version 2 dated June, 1991, or
6 (at your option) version 3 dated 29 June, 2007.
8 This program is distributed in the hope that it will be useful,
9 but WITHOUT ANY WARRANTY; without even the implied warranty of
10 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 GNU General Public License for more details.
13 You should have received a copy of the GNU General Public License
14 along with this program. If not, see <http://www.gnu.org/licenses/>.
17 /* Code to safely remove RRs from a DNS answer */
21 /* Go through a domain name, find "pointers" and fix them up based on how many bytes
22 we've chopped out of the packet, or check they don't point into an elided part. */
23 static int check_name(unsigned char **namep, struct dns_header *header, size_t plen, int fixup, unsigned char **rrs, int rr_count)
25 unsigned char *ansp = *namep;
29 unsigned int label_type;
31 if (!CHECK_LEN(header, ansp, plen, 1))
34 label_type = (*ansp) & 0xc0;
36 if (label_type == 0xc0)
38 /* pointer for compression. */
43 if (!CHECK_LEN(header, ansp, plen, 2))
46 offset = ((*ansp++) & 0x3f) << 8;
49 p = offset + (unsigned char *)header;
51 for (i = 0; i < rr_count; i++)
56 offset -= rrs[i] - rrs[i-1];
58 /* does the pointer end up in an elided RR? */
62 /* No, scale the pointer */
66 *ansp++ = (offset >> 8) | 0xc0;
67 *ansp++ = offset & 0xff;
71 else if (label_type == 0x80)
72 return 0; /* reserved */
73 else if (label_type == 0x40)
75 /* Extended label type */
78 if (!CHECK_LEN(header, ansp, plen, 2))
81 if (((*ansp++) & 0x3f) != 1)
82 return 0; /* we only understand bitstrings */
84 count = *(ansp++); /* Bits in bitstring */
86 if (count == 0) /* count == 0 means 256 bits */
89 ansp += ((count-1)>>3)+1;
92 { /* label type == 0 Bottom six bits is length */
93 unsigned int len = (*ansp++) & 0x3f;
95 if (!ADD_RDLEN(header, ansp, plen, len))
99 break; /* zero length label marks the end. */
108 /* Go through RRs and check or fixup the domain names contained within */
109 static int check_rrs(unsigned char *p, struct dns_header *header, size_t plen, int fixup, unsigned char **rrs, int rr_count)
111 int i, j, type, class, rdlen;
114 for (i = 0; i < ntohs(header->ancount) + ntohs(header->nscount) + ntohs(header->arcount); i++)
118 if (!(p = skip_name(p, header, plen, 10)))
126 /* If this RR is to be elided, don't fix up its contents */
127 for (j = 0; j < rr_count; j += 2)
133 /* fixup name of RR */
134 if (!check_name(&pp, header, plen, fixup, rrs, rr_count))
141 for (pp = p, d = rrfilter_desc(type); *d != (u16)-1; d++)
145 else if (!check_name(&pp, header, plen, fixup, rrs, rr_count))
151 if (!ADD_RDLEN(header, p, plen, rdlen))
159 /* mode may be remove EDNS0 or DNSSEC RRs or remove A or AAAA from answer section. */
160 size_t rrfilter(struct dns_header *header, size_t plen, int mode)
162 static unsigned char **rrs = NULL;
163 static int rr_sz = 0;
165 unsigned char *p = (unsigned char *)(header+1);
166 int i, rdlen, qtype, qclass, rr_found, chop_an, chop_ns, chop_ar;
168 if (ntohs(header->qdcount) != 1 ||
169 !(p = skip_name(p, header, plen, 4)))
175 /* First pass, find pointers to start and end of all the records we wish to elide:
176 records added for DNSSEC, unless explicitly queried for */
177 for (rr_found = 0, chop_ns = 0, chop_an = 0, chop_ar = 0, i = 0;
178 i < ntohs(header->ancount) + ntohs(header->nscount) + ntohs(header->arcount);
181 unsigned char *pstart = p;
184 if (!(p = skip_name(p, header, plen, 10)))
192 if (!ADD_RDLEN(header, p, plen, rdlen))
195 if (mode == RRFILTER_EDNS0) /* EDNS */
197 /* EDNS mode, remove T_OPT from additional section only */
198 if (i < (ntohs(header->nscount) + ntohs(header->ancount)) || type != T_OPT)
201 else if (mode == RRFILTER_DNSSEC)
203 if (type != T_NSEC && type != T_NSEC3 && type != T_RRSIG)
204 /* DNSSEC mode, remove SIGs and NSECs from all three sections. */
207 /* Don't remove the answer. */
208 if (i < ntohs(header->ancount) && type == qtype && class == qclass)
213 /* Only looking at answer section now. */
214 if (i >= ntohs(header->ancount))
220 if (mode == RRFILTER_A && type != T_A)
223 if (mode == RRFILTER_AAAA && type != T_AAAA)
227 if (!expand_workspace(&rrs, &rr_sz, rr_found + 1))
230 rrs[rr_found++] = pstart;
233 if (i < ntohs(header->ancount))
235 else if (i < (ntohs(header->nscount) + ntohs(header->ancount)))
245 /* Second pass, look for pointers in names in the records we're keeping and make sure they don't
246 point to records we're going to elide. This is theoretically possible, but unlikely. If
247 it happens, we give up and leave the answer unchanged. */
248 p = (unsigned char *)(header+1);
251 if (!check_name(&p, header, plen, 0, rrs, rr_found))
253 p += 4; /* qclass, qtype */
255 /* Now answers and NS */
256 if (!check_rrs(p, header, plen, 0, rrs, rr_found))
259 /* Third pass, actually fix up pointers in the records */
260 p = (unsigned char *)(header+1);
262 check_name(&p, header, plen, 1, rrs, rr_found);
263 p += 4; /* qclass, qtype */
265 check_rrs(p, header, plen, 1, rrs, rr_found);
267 /* Fourth pass, elide records */
268 for (p = rrs[0], i = 1; i < rr_found; i += 2)
270 unsigned char *start = rrs[i];
271 unsigned char *end = (i != rr_found - 1) ? rrs[i+1] : ((unsigned char *)header) + plen;
273 memmove(p, start, end-start);
277 plen = p - (unsigned char *)header;
278 header->ancount = htons(ntohs(header->ancount) - chop_an);
279 header->nscount = htons(ntohs(header->nscount) - chop_ns);
280 header->arcount = htons(ntohs(header->arcount) - chop_ar);
285 /* This is used in the DNSSEC code too, hence it's exported */
286 u16 *rrfilter_desc(int type)
288 /* List of RRtypes which include domains in the data.
290 integer -> no. of plain bytes
293 zero is not a valid RRtype, so the final entry is returned for
294 anything which needs no mangling.
297 static u16 rr_desc[] =
319 0, -1 /* wildcard/catchall */
324 while (*p != type && *p != 0)
325 while (*p++ != (u16)-1);
330 int expand_workspace(unsigned char ***wkspc, int *szp, int new)
343 if (!(p = whine_realloc(*wkspc, new * sizeof(unsigned char *))))
346 memset(p+old, 0, new-old);