From 0f4cffbacc459c44768bd0d28ec92141dc90302a Mon Sep 17 00:00:00 2001 From: Jfreegman Date: Mon, 11 Aug 2014 01:59:01 -0400 Subject: [PATCH] a few dns fixes --- src/dns.c | 21 ++++++++++++--------- src/misc_tools.c | 2 +- src/misc_tools.h | 4 ++-- 3 files changed, 15 insertions(+), 12 deletions(-) diff --git a/src/dns.c b/src/dns.c index a4ce046..206e3de 100644 --- a/src/dns.c +++ b/src/dns.c @@ -43,7 +43,7 @@ #include "configdir.h" #define DNS3_KEY_SIZE 32 -#define MAX_DNS_REQST_SIZE 256 +#define MAX_DNS_REQST_SIZE 255 #define NUM_DNS3_BACKUP_SERVERS 2 /* must correspond to number of items in dns3_servers array */ #define TOX_DNS3_TXT_PREFIX "v=tox3;id=" @@ -87,8 +87,8 @@ static struct _dns_thread { #define MAX_DNS_SERVERS 50 -#define MAX_DOMAIN_SIZE 128 -#define MAX_DNS_LINE MAX_DOMAIN_SIZE + DNS3_KEY_SIZE + 2 +#define MAX_DOMAIN_SIZE 32 +#define MAX_DNS_LINE MAX_DOMAIN_SIZE + (DNS3_KEY_SIZE * 2) + 3 struct _dns3_servers { bool loaded; @@ -108,7 +108,7 @@ static int load_dns_domainlist(void) char line[MAX_DNS_LINE]; while (fgets(line, sizeof(line), fp) && dns3_servers.lines < MAX_DNS_SERVERS) { - if (strlen(line) < (2 * DNS3_KEY_SIZE) + 4) + if (strlen(line) < (DNS3_KEY_SIZE * 2) + 4) continue; const char *name = strtok(line, " "); @@ -118,7 +118,7 @@ static int load_dns_domainlist(void) continue; snprintf(dns3_servers.names[dns3_servers.lines], sizeof(dns3_servers.names[dns3_servers.lines]), "%s", name); - int res = hex_string_to_bytes(dns3_servers.keys[dns3_servers.lines], DNS3_KEY_SIZE, keystr, strlen(keystr)); + int res = hex_string_to_bytes(dns3_servers.keys[dns3_servers.lines], DNS3_KEY_SIZE, keystr); if (res == -1) continue; @@ -211,6 +211,9 @@ static int parse_dns_response(ToxWindow *self, u_char *answer, int ans_len, char if (!size || txt_len >= size || !txt_len) return dns_error(self, "No record found."); + if (txt_len > MAX_DNS_REQST_SIZE) + return dns_error(self, "Invalid DNS response."); + ans_pt++; ans_pt[txt_len] = '\0'; memcpy(buf, ans_pt, txt_len + 1); @@ -307,7 +310,7 @@ void *dns3_lookup_thread(void *data) kill_dns_thread(NULL); } - char string[MAX_DNS_REQST_SIZE]; + char string[MAX_DNS_REQST_SIZE + 1]; uint32_t request_id; int str_len = tox_generate_dns3_string(dns_obj, (uint8_t *) string, sizeof(string), &request_id, @@ -321,7 +324,7 @@ void *dns3_lookup_thread(void *data) string[str_len] = '\0'; u_char answer[PACKETSZ]; - char d_string[MAX_DNS_REQST_SIZE]; + char d_string[MAX_DOMAIN_SIZE + MAX_DNS_REQST_SIZE + 10]; /* format string and create dns query */ snprintf(d_string, sizeof(d_string), "_%s._tox.%s", string, domain); @@ -332,13 +335,13 @@ void *dns3_lookup_thread(void *data) kill_dns_thread(dns_obj); } - char ans_id[MAX_DNS_REQST_SIZE]; + char ans_id[MAX_DNS_REQST_SIZE + 1]; /* extract TXT from DNS response */ if (parse_dns_response(self, answer, ans_len, ans_id) == -1) kill_dns_thread(dns_obj); - char encrypted_id[MAX_DNS_REQST_SIZE]; + char encrypted_id[MAX_DNS_REQST_SIZE + 1]; int prfx_len = strlen(TOX_DNS3_TXT_PREFIX); /* extract the encrypted ID from TXT response */ diff --git a/src/misc_tools.c b/src/misc_tools.c index aa2e2d6..d27fe20 100644 --- a/src/misc_tools.c +++ b/src/misc_tools.c @@ -124,7 +124,7 @@ char *hex_string_to_bin(const char *hex_string) return val; } -int hex_string_to_bytes(char *buf, int size, const char *keystr, int strsize) +int hex_string_to_bytes(char *buf, int size, const char *keystr) { if (size % 2 != 0) return -1; diff --git a/src/misc_tools.h b/src/misc_tools.h index 4ba2628..114808c 100644 --- a/src/misc_tools.h +++ b/src/misc_tools.h @@ -43,12 +43,12 @@ void host_to_net(uint8_t *num, uint16_t numbytes); char *hex_string_to_bin(const char *hex_string); /* convert a hex string to bytes. returns 0 on success, -1 on failure */ -int hex_string_to_bytes(char *buf, int size, const char *keystr, int strsize); +int hex_string_to_bytes(char *buf, int size, const char *keystr); /* get the current unix time */ uint64_t get_unix_time(void); -/*Puts the current time in buf in the format of [HH:mm:ss] */ +/* Puts the current time in buf in the format of [HH:mm:ss] */ void get_time_str(char *buf, int bufsize); /* Converts seconds to string in format HH:mm:ss; truncates hours and minutes when necessary */