1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-22 17:35:35 +03:00

resolved: correct parsing of OPT extended RCODEs

The DNS_PACKET_RCODE() function works out the full RCODE by taking the
first octet from the OPT record TTL field and bitwise-OR-ing this with
the basic RCODE from the packet header. This results in RCODE values
being lower than they should be.

For example, if the first TTL octet is 0x7a and the basic RCODE is 3,
this function currently returns `0x7a | 3` = 123, rather than 0x7a3 =
1955.

The first TTL octet is supposed to form the upper 8 bits of a 12-bit
value, whereas the current implementation constraints the value to 8
bits and results in mis-interpreted RCODEs.

This fixes things by shifting the TTL 20 places instead of 24 and
masking off the low nibble that comes from the upper bits of the version
octet.

Note that dns_packet_append_opt() correctly converts the input RCODE
into the high octet of the OPT TTL field; this problem only affects
parsing of incoming packets.

(cherry picked from commit c40f3714c9)
This commit is contained in:
James Coglan 2024-06-28 13:58:22 +01:00 committed by Luca Boccassi
parent 711f843e3a
commit 7ee60a8614

View File

@ -117,7 +117,7 @@ static inline uint16_t DNS_PACKET_RCODE(DnsPacket *p) {
uint16_t rcode; uint16_t rcode;
if (p->opt) if (p->opt)
rcode = (uint16_t) (p->opt->ttl >> 24); rcode = (uint16_t) ((p->opt->ttl >> 20) & 0xFF0);
else else
rcode = 0; rcode = 0;