diff --git a/.gitattributes b/.gitattributes index 86b4561c9a..3003b4d13e 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1,6 +1,8 @@ *.sln.in eol=crlf *.vcxproj.* eol=crlf +/fuzz/dns_rdata_fromwire_text.in/input-* -text + .gitignore export-ignore /conftools export-ignore /doc/design export-ignore diff --git a/CHANGES b/CHANGES index 12e59095d9..00ce9e2da8 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,11 @@ +5489. [bug] Named failed to reject some invalid records resulting + in records that, after being printed, could not be + loaded or would result in DNSSEC validation failures + when re-read from zone files as the wire format + differed. The covered records records are: CERT, + IPSECKEY, NSEC3, NSEC3PARAM, NXT, SIG, TLSA, WKS, and + X25. [GL !3953] + 5488. [bug] nta needed to have a weak reference on view to prevent the view being deleted while nta tests are being performed. [GL #2067] diff --git a/fuzz/dns_rdata_fromwire_text.c b/fuzz/dns_rdata_fromwire_text.c index 20db8058d3..a71ba5ef37 100644 --- a/fuzz/dns_rdata_fromwire_text.c +++ b/fuzz/dns_rdata_fromwire_text.c @@ -59,13 +59,21 @@ LLVMFuzzerInitialize(int *argc __attribute__((unused)), static void nullmsg(dns_rdatacallbacks_t *cb, const char *fmt, ...) { + va_list args; + UNUSED(cb); - UNUSED(fmt); + + if (debug) { + va_start(args, fmt); + vfprintf(stderr, fmt, args); + fprintf(stderr, "\n"); + va_end(args); + } } int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { - char totext[1024]; + char totext[64 * 1044 * 4]; dns_compress_t cctx; dns_decompress_t dctx; dns_rdatatype_t rdtype; @@ -113,10 +121,15 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { rdclass = classlist[(*data++) % classes]; size--; + if (debug) { + fprintf(stderr, "type=%u, class=%u\n", rdtype, rdclass); + } + dns_rdatacallbacks_init(&callbacks); callbacks.warn = callbacks.error = nullmsg; - dns_decompress_init(&dctx, -1, DNS_DECOMPRESS_ANY); + /* Disallow decompression as we are reading a packet */ + dns_decompress_init(&dctx, -1, DNS_DECOMPRESS_NONE); isc_buffer_constinit(&source, data, size); isc_buffer_add(&source, size); @@ -129,14 +142,20 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { */ CHECK(dns_rdata_fromwire(&rdata1, rdclass, rdtype, &source, &dctx, 0, &target)); + assert(rdata1.length == size); /* * Convert to text from wire. */ - isc_buffer_init(&target, totext, sizeof(totext)); + isc_buffer_init(&target, totext, sizeof(totext) - 1); result = dns_rdata_totext(&rdata1, NULL, &target); assert(result == ISC_R_SUCCESS); + /* + * Make debugging easier by NUL terminating. + */ + totext[isc_buffer_usedlength(&target)] = 0; + /* * Convert to wire from text. */ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-0 b/fuzz/dns_rdata_fromwire_text.in/input-0 new file mode 100644 index 0000000000..67264cfff8 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-0 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-1 b/fuzz/dns_rdata_fromwire_text.in/input-1 new file mode 100644 index 0000000000..ae8e0b9aa0 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-1 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-10 b/fuzz/dns_rdata_fromwire_text.in/input-10 new file mode 100644 index 0000000000..2a393486d3 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-10 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-100 b/fuzz/dns_rdata_fromwire_text.in/input-100 new file mode 100644 index 0000000000..5a527cd45c Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-100 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-101 b/fuzz/dns_rdata_fromwire_text.in/input-101 new file mode 100644 index 0000000000..1d3d6a2ced Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-101 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-102 b/fuzz/dns_rdata_fromwire_text.in/input-102 new file mode 100644 index 0000000000..b800c4c629 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-102 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-103 b/fuzz/dns_rdata_fromwire_text.in/input-103 new file mode 100644 index 0000000000..c0ca9c0485 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-103 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-104 b/fuzz/dns_rdata_fromwire_text.in/input-104 new file mode 100644 index 0000000000..5c39be4674 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-104 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-105 b/fuzz/dns_rdata_fromwire_text.in/input-105 new file mode 100644 index 0000000000..754d0f2e96 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-105 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-106 b/fuzz/dns_rdata_fromwire_text.in/input-106 new file mode 100644 index 0000000000..af4bdc5de0 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-106 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-107 b/fuzz/dns_rdata_fromwire_text.in/input-107 new file mode 100644 index 0000000000..8ddc50251d Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-107 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-108 b/fuzz/dns_rdata_fromwire_text.in/input-108 new file mode 100644 index 0000000000..a328093ddf Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-108 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-109 b/fuzz/dns_rdata_fromwire_text.in/input-109 new file mode 100644 index 0000000000..b566c0b9e7 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-109 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-11 b/fuzz/dns_rdata_fromwire_text.in/input-11 new file mode 100644 index 0000000000..21ca6193e5 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-11 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-110 b/fuzz/dns_rdata_fromwire_text.in/input-110 new file mode 100644 index 0000000000..b55551a084 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-110 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-111 b/fuzz/dns_rdata_fromwire_text.in/input-111 new file mode 100644 index 0000000000..7e4fcd14fd Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-111 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-112 b/fuzz/dns_rdata_fromwire_text.in/input-112 new file mode 100644 index 0000000000..c351052fa1 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-112 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-113 b/fuzz/dns_rdata_fromwire_text.in/input-113 new file mode 100644 index 0000000000..6159786a7d Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-113 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-114 b/fuzz/dns_rdata_fromwire_text.in/input-114 new file mode 100644 index 0000000000..a709d51557 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-114 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-115 b/fuzz/dns_rdata_fromwire_text.in/input-115 new file mode 100644 index 0000000000..a6a21c1d1d Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-115 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-116 b/fuzz/dns_rdata_fromwire_text.in/input-116 new file mode 100644 index 0000000000..248105bff6 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-116 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-117 b/fuzz/dns_rdata_fromwire_text.in/input-117 new file mode 100644 index 0000000000..82fe40395c Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-117 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-118 b/fuzz/dns_rdata_fromwire_text.in/input-118 new file mode 100644 index 0000000000..0b6136e735 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-118 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-119 b/fuzz/dns_rdata_fromwire_text.in/input-119 new file mode 100644 index 0000000000..bb8cd988a9 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-119 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-12 b/fuzz/dns_rdata_fromwire_text.in/input-12 new file mode 100644 index 0000000000..e51156bdae Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-12 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-120 b/fuzz/dns_rdata_fromwire_text.in/input-120 new file mode 100644 index 0000000000..0e0b607a18 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-120 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-121 b/fuzz/dns_rdata_fromwire_text.in/input-121 new file mode 100644 index 0000000000..8671167ea4 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-121 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-122 b/fuzz/dns_rdata_fromwire_text.in/input-122 new file mode 100644 index 0000000000..90d058c86a Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-122 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-123 b/fuzz/dns_rdata_fromwire_text.in/input-123 new file mode 100644 index 0000000000..9728ae93f2 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-123 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-124 b/fuzz/dns_rdata_fromwire_text.in/input-124 new file mode 100644 index 0000000000..7a548018a0 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-124 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-125 b/fuzz/dns_rdata_fromwire_text.in/input-125 new file mode 100644 index 0000000000..90e21755ef Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-125 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-126 b/fuzz/dns_rdata_fromwire_text.in/input-126 new file mode 100644 index 0000000000..04a84f4273 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-126 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-127 b/fuzz/dns_rdata_fromwire_text.in/input-127 new file mode 100644 index 0000000000..b7b8446bcd Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-127 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-128 b/fuzz/dns_rdata_fromwire_text.in/input-128 new file mode 100644 index 0000000000..bd581cd68e Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-128 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-129 b/fuzz/dns_rdata_fromwire_text.in/input-129 new file mode 100644 index 0000000000..f80c669022 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-129 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-13 b/fuzz/dns_rdata_fromwire_text.in/input-13 new file mode 100644 index 0000000000..0c4f452f8c Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-13 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-130 b/fuzz/dns_rdata_fromwire_text.in/input-130 new file mode 100644 index 0000000000..00d9438a81 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-130 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-131 b/fuzz/dns_rdata_fromwire_text.in/input-131 new file mode 100644 index 0000000000..b5377d3ec7 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-131 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-132 b/fuzz/dns_rdata_fromwire_text.in/input-132 new file mode 100644 index 0000000000..2866ed0913 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-132 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-133 b/fuzz/dns_rdata_fromwire_text.in/input-133 new file mode 100644 index 0000000000..d6ca8c88b5 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-133 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-134 b/fuzz/dns_rdata_fromwire_text.in/input-134 new file mode 100644 index 0000000000..bee8307e74 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-134 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-135 b/fuzz/dns_rdata_fromwire_text.in/input-135 new file mode 100644 index 0000000000..91efead931 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-135 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-136 b/fuzz/dns_rdata_fromwire_text.in/input-136 new file mode 100644 index 0000000000..f7b184300f Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-136 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-137 b/fuzz/dns_rdata_fromwire_text.in/input-137 new file mode 100644 index 0000000000..2bd706657d Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-137 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-138 b/fuzz/dns_rdata_fromwire_text.in/input-138 new file mode 100644 index 0000000000..ea08340323 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-138 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-139 b/fuzz/dns_rdata_fromwire_text.in/input-139 new file mode 100644 index 0000000000..e95cbf5df1 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-139 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-14 b/fuzz/dns_rdata_fromwire_text.in/input-14 new file mode 100644 index 0000000000..bde6b15aef Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-14 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-140 b/fuzz/dns_rdata_fromwire_text.in/input-140 new file mode 100644 index 0000000000..25be40891d Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-140 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-141 b/fuzz/dns_rdata_fromwire_text.in/input-141 new file mode 100644 index 0000000000..0b2d0d6b74 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-141 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-142 b/fuzz/dns_rdata_fromwire_text.in/input-142 new file mode 100644 index 0000000000..ca87de0eb3 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-142 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-143 b/fuzz/dns_rdata_fromwire_text.in/input-143 new file mode 100644 index 0000000000..1a3e0ac308 --- /dev/null +++ b/fuzz/dns_rdata_fromwire_text.in/input-143 @@ -0,0 +1 @@ +d$3ÿê \ No newline at end of file diff --git a/fuzz/dns_rdata_fromwire_text.in/input-15 b/fuzz/dns_rdata_fromwire_text.in/input-15 new file mode 100644 index 0000000000..72df49cc28 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-15 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-16 b/fuzz/dns_rdata_fromwire_text.in/input-16 new file mode 100644 index 0000000000..b80f63ff25 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-16 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-17 b/fuzz/dns_rdata_fromwire_text.in/input-17 new file mode 100644 index 0000000000..cc63d40d53 --- /dev/null +++ b/fuzz/dns_rdata_fromwire_text.in/input-17 @@ -0,0 +1 @@ +d®#®®®®®®®®®®®®®®®®®®®®®Ä®®®®®d®®®®®d \ No newline at end of file diff --git a/fuzz/dns_rdata_fromwire_text.in/input-18 b/fuzz/dns_rdata_fromwire_text.in/input-18 new file mode 100644 index 0000000000..4a0d214a9b Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-18 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-19 b/fuzz/dns_rdata_fromwire_text.in/input-19 new file mode 100644 index 0000000000..4ef39ef10a Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-19 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-2 b/fuzz/dns_rdata_fromwire_text.in/input-2 new file mode 100644 index 0000000000..cecf923394 --- /dev/null +++ b/fuzz/dns_rdata_fromwire_text.in/input-2 @@ -0,0 +1 @@ +4A-ò \ No newline at end of file diff --git a/fuzz/dns_rdata_fromwire_text.in/input-20 b/fuzz/dns_rdata_fromwire_text.in/input-20 new file mode 100644 index 0000000000..52c3851a3c Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-20 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-21 b/fuzz/dns_rdata_fromwire_text.in/input-21 new file mode 100644 index 0000000000..0cc97d6dde Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-21 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-22 b/fuzz/dns_rdata_fromwire_text.in/input-22 new file mode 100644 index 0000000000..d993d4821c Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-22 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-23 b/fuzz/dns_rdata_fromwire_text.in/input-23 new file mode 100644 index 0000000000..38cbee653b Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-23 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-24 b/fuzz/dns_rdata_fromwire_text.in/input-24 new file mode 100644 index 0000000000..a45779ed7c Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-24 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-25 b/fuzz/dns_rdata_fromwire_text.in/input-25 new file mode 100644 index 0000000000..2d9f2cea3d Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-25 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-26 b/fuzz/dns_rdata_fromwire_text.in/input-26 new file mode 100644 index 0000000000..a392076a7d Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-26 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-27 b/fuzz/dns_rdata_fromwire_text.in/input-27 new file mode 100644 index 0000000000..f75f8d9da5 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-27 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-28 b/fuzz/dns_rdata_fromwire_text.in/input-28 new file mode 100644 index 0000000000..005ae77884 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-28 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-29 b/fuzz/dns_rdata_fromwire_text.in/input-29 new file mode 100644 index 0000000000..b9c69e13f5 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-29 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-3 b/fuzz/dns_rdata_fromwire_text.in/input-3 new file mode 100644 index 0000000000..606dc1b33b Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-3 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-30 b/fuzz/dns_rdata_fromwire_text.in/input-30 new file mode 100644 index 0000000000..e106d542ec Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-30 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-31 b/fuzz/dns_rdata_fromwire_text.in/input-31 new file mode 100644 index 0000000000..dc5bf2bd28 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-31 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-32 b/fuzz/dns_rdata_fromwire_text.in/input-32 new file mode 100644 index 0000000000..1297a7eb18 --- /dev/null +++ b/fuzz/dns_rdata_fromwire_text.in/input-32 @@ -0,0 +1 @@ +déé \ No newline at end of file diff --git a/fuzz/dns_rdata_fromwire_text.in/input-33 b/fuzz/dns_rdata_fromwire_text.in/input-33 new file mode 100644 index 0000000000..b6d57bb935 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-33 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-34 b/fuzz/dns_rdata_fromwire_text.in/input-34 new file mode 100644 index 0000000000..fef669d311 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-34 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-35 b/fuzz/dns_rdata_fromwire_text.in/input-35 new file mode 100644 index 0000000000..94a4a376eb Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-35 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-36 b/fuzz/dns_rdata_fromwire_text.in/input-36 new file mode 100644 index 0000000000..dab603cc98 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-36 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-37 b/fuzz/dns_rdata_fromwire_text.in/input-37 new file mode 100644 index 0000000000..51f4124798 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-37 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-38 b/fuzz/dns_rdata_fromwire_text.in/input-38 new file mode 100644 index 0000000000..1ad3023e59 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-38 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-39 b/fuzz/dns_rdata_fromwire_text.in/input-39 new file mode 100644 index 0000000000..b8dfecd851 --- /dev/null +++ b/fuzz/dns_rdata_fromwire_text.in/input-39 @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/fuzz/dns_rdata_fromwire_text.in/input-4 b/fuzz/dns_rdata_fromwire_text.in/input-4 new file mode 100644 index 0000000000..ae6730e3df Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-4 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-40 b/fuzz/dns_rdata_fromwire_text.in/input-40 new file mode 100644 index 0000000000..5ab35573b3 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-40 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-41 b/fuzz/dns_rdata_fromwire_text.in/input-41 new file mode 100644 index 0000000000..ea33ca7472 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-41 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-42 b/fuzz/dns_rdata_fromwire_text.in/input-42 new file mode 100644 index 0000000000..eb63067e58 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-42 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-43 b/fuzz/dns_rdata_fromwire_text.in/input-43 new file mode 100644 index 0000000000..9aa3747ab2 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-43 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-44 b/fuzz/dns_rdata_fromwire_text.in/input-44 new file mode 100644 index 0000000000..bdc8b9d345 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-44 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-45 b/fuzz/dns_rdata_fromwire_text.in/input-45 new file mode 100644 index 0000000000..e6966b51bc Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-45 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-46 b/fuzz/dns_rdata_fromwire_text.in/input-46 new file mode 100644 index 0000000000..1156424275 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-46 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-47 b/fuzz/dns_rdata_fromwire_text.in/input-47 new file mode 100644 index 0000000000..b499172b0c Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-47 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-48 b/fuzz/dns_rdata_fromwire_text.in/input-48 new file mode 100644 index 0000000000..7ab447b373 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-48 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-49 b/fuzz/dns_rdata_fromwire_text.in/input-49 new file mode 100644 index 0000000000..ab5e3b0873 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-49 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-5 b/fuzz/dns_rdata_fromwire_text.in/input-5 new file mode 100644 index 0000000000..4f0acdc444 --- /dev/null +++ b/fuzz/dns_rdata_fromwire_text.in/input-5 @@ -0,0 +1 @@ +„Ë›› \ No newline at end of file diff --git a/fuzz/dns_rdata_fromwire_text.in/input-50 b/fuzz/dns_rdata_fromwire_text.in/input-50 new file mode 100644 index 0000000000..5f43a46747 --- /dev/null +++ b/fuzz/dns_rdata_fromwire_text.in/input-50 @@ -0,0 +1 @@ +µ|8‡‡¶|¶|8¶|¶|8 \ No newline at end of file diff --git a/fuzz/dns_rdata_fromwire_text.in/input-51 b/fuzz/dns_rdata_fromwire_text.in/input-51 new file mode 100644 index 0000000000..880c12c49a Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-51 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-52 b/fuzz/dns_rdata_fromwire_text.in/input-52 new file mode 100644 index 0000000000..50a22afb18 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-52 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-53 b/fuzz/dns_rdata_fromwire_text.in/input-53 new file mode 100644 index 0000000000..95243a67b4 --- /dev/null +++ b/fuzz/dns_rdata_fromwire_text.in/input-53 @@ -0,0 +1 @@ +ñ( \ No newline at end of file diff --git a/fuzz/dns_rdata_fromwire_text.in/input-54 b/fuzz/dns_rdata_fromwire_text.in/input-54 new file mode 100644 index 0000000000..b5019204f1 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-54 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-55 b/fuzz/dns_rdata_fromwire_text.in/input-55 new file mode 100644 index 0000000000..59b9f030b6 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-55 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-56 b/fuzz/dns_rdata_fromwire_text.in/input-56 new file mode 100644 index 0000000000..b0beba002f Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-56 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-57 b/fuzz/dns_rdata_fromwire_text.in/input-57 new file mode 100644 index 0000000000..24f40a53fd Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-57 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-58 b/fuzz/dns_rdata_fromwire_text.in/input-58 new file mode 100644 index 0000000000..aca62bb62c Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-58 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-59 b/fuzz/dns_rdata_fromwire_text.in/input-59 new file mode 100644 index 0000000000..3388b2d26a Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-59 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-6 b/fuzz/dns_rdata_fromwire_text.in/input-6 new file mode 100644 index 0000000000..889a2bd246 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-6 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-60 b/fuzz/dns_rdata_fromwire_text.in/input-60 new file mode 100644 index 0000000000..ac328d98bb Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-60 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-61 b/fuzz/dns_rdata_fromwire_text.in/input-61 new file mode 100644 index 0000000000..08ad070c7e Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-61 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-62 b/fuzz/dns_rdata_fromwire_text.in/input-62 new file mode 100644 index 0000000000..18a05e576c Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-62 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-63 b/fuzz/dns_rdata_fromwire_text.in/input-63 new file mode 100644 index 0000000000..959fdaf600 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-63 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-64 b/fuzz/dns_rdata_fromwire_text.in/input-64 new file mode 100644 index 0000000000..5d9c5691d4 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-64 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-65 b/fuzz/dns_rdata_fromwire_text.in/input-65 new file mode 100644 index 0000000000..2d9c1fc2af Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-65 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-66 b/fuzz/dns_rdata_fromwire_text.in/input-66 new file mode 100644 index 0000000000..f78d393123 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-66 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-67 b/fuzz/dns_rdata_fromwire_text.in/input-67 new file mode 100644 index 0000000000..95efb965dc Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-67 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-68 b/fuzz/dns_rdata_fromwire_text.in/input-68 new file mode 100644 index 0000000000..e913515bed Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-68 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-69 b/fuzz/dns_rdata_fromwire_text.in/input-69 new file mode 100644 index 0000000000..c8046b5e7a Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-69 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-7 b/fuzz/dns_rdata_fromwire_text.in/input-7 new file mode 100644 index 0000000000..e52f4605a6 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-7 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-70 b/fuzz/dns_rdata_fromwire_text.in/input-70 new file mode 100644 index 0000000000..92a712862e Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-70 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-71 b/fuzz/dns_rdata_fromwire_text.in/input-71 new file mode 100644 index 0000000000..5fc383e5c2 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-71 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-72 b/fuzz/dns_rdata_fromwire_text.in/input-72 new file mode 100644 index 0000000000..7759c47ab9 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-72 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-73 b/fuzz/dns_rdata_fromwire_text.in/input-73 new file mode 100644 index 0000000000..872fee928c Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-73 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-74 b/fuzz/dns_rdata_fromwire_text.in/input-74 new file mode 100644 index 0000000000..6d6ec9302e Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-74 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-75 b/fuzz/dns_rdata_fromwire_text.in/input-75 new file mode 100644 index 0000000000..47a9f2bcd7 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-75 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-76 b/fuzz/dns_rdata_fromwire_text.in/input-76 new file mode 100644 index 0000000000..0a0276171e Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-76 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-77 b/fuzz/dns_rdata_fromwire_text.in/input-77 new file mode 100644 index 0000000000..44d445abb5 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-77 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-78 b/fuzz/dns_rdata_fromwire_text.in/input-78 new file mode 100644 index 0000000000..2893517a85 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-78 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-79 b/fuzz/dns_rdata_fromwire_text.in/input-79 new file mode 100644 index 0000000000..c83c4bd0a4 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-79 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-8 b/fuzz/dns_rdata_fromwire_text.in/input-8 new file mode 100644 index 0000000000..4d60fdfc63 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-8 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-80 b/fuzz/dns_rdata_fromwire_text.in/input-80 new file mode 100644 index 0000000000..5da0971d2c Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-80 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-81 b/fuzz/dns_rdata_fromwire_text.in/input-81 new file mode 100644 index 0000000000..c3b5aff67f Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-81 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-82 b/fuzz/dns_rdata_fromwire_text.in/input-82 new file mode 100644 index 0000000000..0e862c62a4 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-82 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-83 b/fuzz/dns_rdata_fromwire_text.in/input-83 new file mode 100644 index 0000000000..7f49b5f250 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-83 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-84 b/fuzz/dns_rdata_fromwire_text.in/input-84 new file mode 100644 index 0000000000..417471dfe3 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-84 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-85 b/fuzz/dns_rdata_fromwire_text.in/input-85 new file mode 100644 index 0000000000..2e6a9ea1f1 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-85 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-86 b/fuzz/dns_rdata_fromwire_text.in/input-86 new file mode 100644 index 0000000000..1eb09ccf55 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-86 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-87 b/fuzz/dns_rdata_fromwire_text.in/input-87 new file mode 100644 index 0000000000..4c29c23db7 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-87 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-88 b/fuzz/dns_rdata_fromwire_text.in/input-88 new file mode 100644 index 0000000000..28ac529ba8 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-88 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-89 b/fuzz/dns_rdata_fromwire_text.in/input-89 new file mode 100644 index 0000000000..8119bf0a46 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-89 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-9 b/fuzz/dns_rdata_fromwire_text.in/input-9 new file mode 100644 index 0000000000..72a140c84a --- /dev/null +++ b/fuzz/dns_rdata_fromwire_text.in/input-9 @@ -0,0 +1 @@ +222222'œœœœœœœœœœœœœœœœœ222222222'œœœœœœœœœœœœœœœœ \ No newline at end of file diff --git a/fuzz/dns_rdata_fromwire_text.in/input-90 b/fuzz/dns_rdata_fromwire_text.in/input-90 new file mode 100644 index 0000000000..6ae07bda3b Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-90 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-91 b/fuzz/dns_rdata_fromwire_text.in/input-91 new file mode 100644 index 0000000000..28a0c7fcd1 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-91 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-92 b/fuzz/dns_rdata_fromwire_text.in/input-92 new file mode 100644 index 0000000000..6b7efe59d2 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-92 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-93 b/fuzz/dns_rdata_fromwire_text.in/input-93 new file mode 100644 index 0000000000..a5395e17d7 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-93 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-94 b/fuzz/dns_rdata_fromwire_text.in/input-94 new file mode 100644 index 0000000000..43fbdaef7b Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-94 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-95 b/fuzz/dns_rdata_fromwire_text.in/input-95 new file mode 100644 index 0000000000..742afd781e Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-95 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-96 b/fuzz/dns_rdata_fromwire_text.in/input-96 new file mode 100644 index 0000000000..bb8bb8a803 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-96 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-97 b/fuzz/dns_rdata_fromwire_text.in/input-97 new file mode 100644 index 0000000000..03d79aebb0 Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-97 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-98 b/fuzz/dns_rdata_fromwire_text.in/input-98 new file mode 100644 index 0000000000..0cc1f0105f Binary files /dev/null and b/fuzz/dns_rdata_fromwire_text.in/input-98 differ diff --git a/fuzz/dns_rdata_fromwire_text.in/input-99 b/fuzz/dns_rdata_fromwire_text.in/input-99 new file mode 100644 index 0000000000..1490fa00d7 --- /dev/null +++ b/fuzz/dns_rdata_fromwire_text.in/input-99 @@ -0,0 +1 @@ +d"éé \ No newline at end of file diff --git a/fuzz/fuzz.h b/fuzz/fuzz.h index a3f4ae8388..c206528de6 100644 --- a/fuzz/fuzz.h +++ b/fuzz/fuzz.h @@ -23,6 +23,8 @@ ISC_LANG_BEGINDECLS +extern bool debug; + int LLVMFuzzerInitialize(int *argc __attribute__((unused)), char ***argv __attribute__((unused))); diff --git a/fuzz/main.c b/fuzz/main.c index d1ae9492df..85a9031a0f 100644 --- a/fuzz/main.c +++ b/fuzz/main.c @@ -24,6 +24,8 @@ #include +bool debug = false; + static void test_all_from(const char *dirname) { DIR *dirp; @@ -98,6 +100,10 @@ main(int argc, char **argv) { UNUSED(argc); UNUSED(argv); + if (argc != 1) { + debug = true; + } + target = (target != NULL) ? target + 1 : argv[0]; if (strncmp(target, "lt-", 3) == 0) { target += 3; diff --git a/lib/dns/gen.c b/lib/dns/gen.c index 553228409a..453cb66ce8 100644 --- a/lib/dns/gen.c +++ b/lib/dns/gen.c @@ -779,7 +779,6 @@ main(int argc, char **argv) { * Add in reserved/special types. This will let us * sort them without special cases. */ - insert_into_typenames(0, "reserved0", RESERVED); insert_into_typenames(100, "uinfo", RESERVEDNAME); insert_into_typenames(101, "uid", RESERVEDNAME); insert_into_typenames(102, "gid", RESERVEDNAME); diff --git a/lib/dns/rdata/generic/cert_37.c b/lib/dns/rdata/generic/cert_37.c index fedba9034f..b549ef1ae9 100644 --- a/lib/dns/rdata/generic/cert_37.c +++ b/lib/dns/rdata/generic/cert_37.c @@ -125,7 +125,7 @@ fromwire_cert(ARGS_FROMWIRE) { UNUSED(options); isc_buffer_activeregion(source, &sr); - if (sr.length < 5) { + if (sr.length < 6) { return (ISC_R_UNEXPECTEDEND); } diff --git a/lib/dns/rdata/generic/ipseckey_45.c b/lib/dns/rdata/generic/ipseckey_45.c index 48cf39b6e8..db5f29b19c 100644 --- a/lib/dns/rdata/generic/ipseckey_45.c +++ b/lib/dns/rdata/generic/ipseckey_45.c @@ -230,18 +230,21 @@ fromwire_ipseckey(ARGS_FROMWIRE) { switch (region.base[1]) { case 0: + if (region.length < 4) { + return (ISC_R_UNEXPECTEDEND); + } isc_buffer_forward(source, region.length); return (mem_tobuffer(target, region.base, region.length)); case 1: - if (region.length < 7) { + if (region.length < 8) { return (ISC_R_UNEXPECTEDEND); } isc_buffer_forward(source, region.length); return (mem_tobuffer(target, region.base, region.length)); case 2: - if (region.length < 19) { + if (region.length < 20) { return (ISC_R_UNEXPECTEDEND); } isc_buffer_forward(source, region.length); @@ -253,6 +256,9 @@ fromwire_ipseckey(ARGS_FROMWIRE) { RETERR(dns_name_fromwire(&name, source, dctx, options, target)); isc_buffer_activeregion(source, ®ion); isc_buffer_forward(source, region.length); + if (region.length < 1) { + return (ISC_R_UNEXPECTEDEND); + } return (mem_tobuffer(target, region.base, region.length)); default: diff --git a/lib/dns/rdata/generic/nsec3_50.c b/lib/dns/rdata/generic/nsec3_50.c index 95d04213ba..f9f356a576 100644 --- a/lib/dns/rdata/generic/nsec3_50.c +++ b/lib/dns/rdata/generic/nsec3_50.c @@ -212,7 +212,7 @@ fromwire_nsec3(ARGS_FROMWIRE) { hashlen = sr.base[0]; isc_region_consume(&sr, 1); - if (sr.length < hashlen) { + if (hashlen < 1 || sr.length < hashlen) { RETERR(DNS_R_FORMERR); } isc_region_consume(&sr, hashlen); diff --git a/lib/dns/rdata/generic/nsec3param_51.c b/lib/dns/rdata/generic/nsec3param_51.c index a064d43cc6..0ea3103f8e 100644 --- a/lib/dns/rdata/generic/nsec3param_51.c +++ b/lib/dns/rdata/generic/nsec3param_51.c @@ -160,7 +160,7 @@ fromwire_nsec3param(ARGS_FROMWIRE) { saltlen = sr.base[4]; isc_region_consume(&sr, 5); - if (sr.length < saltlen) { + if (sr.length != saltlen) { RETERR(DNS_R_FORMERR); } isc_region_consume(&sr, saltlen); diff --git a/lib/dns/rdata/generic/nxt_30.c b/lib/dns/rdata/generic/nxt_30.c index 9d39f22d21..2655861a92 100644 --- a/lib/dns/rdata/generic/nxt_30.c +++ b/lib/dns/rdata/generic/nxt_30.c @@ -148,8 +148,8 @@ fromwire_nxt(ARGS_FROMWIRE) { RETERR(dns_name_fromwire(&name, source, dctx, options, target)); isc_buffer_activeregion(source, &sr); - if (sr.length > 0 && (sr.base[0] & 0x80) == 0 && - ((sr.length > 16) || sr.base[sr.length - 1] == 0)) + if (sr.length > 0 && ((sr.base[0] & 0x80) != 0 || sr.length > 16 || + sr.base[sr.length - 1] == 0)) { return (DNS_R_BADBITMAP); } diff --git a/lib/dns/rdata/generic/sig_24.c b/lib/dns/rdata/generic/sig_24.c index f4a237fe14..ff90631cc0 100644 --- a/lib/dns/rdata/generic/sig_24.c +++ b/lib/dns/rdata/generic/sig_24.c @@ -274,6 +274,9 @@ fromwire_sig(ARGS_FROMWIRE) { * Sig. */ isc_buffer_activeregion(source, &sr); + if (sr.length == 0) { + return (ISC_R_UNEXPECTEDEND); + } isc_buffer_forward(source, sr.length); return (mem_tobuffer(target, sr.base, sr.length)); } diff --git a/lib/dns/rdata/generic/tlsa_52.c b/lib/dns/rdata/generic/tlsa_52.c index 1140bc01cd..5aa6ccac56 100644 --- a/lib/dns/rdata/generic/tlsa_52.c +++ b/lib/dns/rdata/generic/tlsa_52.c @@ -128,7 +128,8 @@ generic_fromwire_tlsa(ARGS_FROMWIRE) { isc_buffer_activeregion(source, &sr); - if (sr.length < 3) { + /* Usage(1), Selector(1), Type(1), Data(1+) */ + if (sr.length < 4) { return (ISC_R_UNEXPECTEDEND); } diff --git a/lib/dns/rdata/generic/x25_19.c b/lib/dns/rdata/generic/x25_19.c index 4c53621478..93f99c8dc6 100644 --- a/lib/dns/rdata/generic/x25_19.c +++ b/lib/dns/rdata/generic/x25_19.c @@ -59,6 +59,7 @@ totext_x25(ARGS_TOTEXT) { static inline isc_result_t fromwire_x25(ARGS_FROMWIRE) { isc_region_t sr; + unsigned int i; REQUIRE(type == dns_rdatatype_x25); @@ -68,9 +69,14 @@ fromwire_x25(ARGS_FROMWIRE) { UNUSED(options); isc_buffer_activeregion(source, &sr); - if (sr.length < 5) { + if (sr.length < 5 || sr.base[0] != (sr.length - 1)) { return (DNS_R_FORMERR); } + for (i = 1; i < sr.length; i++) { + if (sr.base[i] < 0x30 || sr.base[i] > 0x39) { + return (DNS_R_FORMERR); + } + } return (txt_fromwire(source, target)); } diff --git a/lib/dns/rdata/in_1/wks_11.c b/lib/dns/rdata/in_1/wks_11.c index 26eda5d7f6..7be55ada7b 100644 --- a/lib/dns/rdata/in_1/wks_11.c +++ b/lib/dns/rdata/in_1/wks_11.c @@ -268,6 +268,9 @@ fromwire_in_wks(ARGS_FROMWIRE) { if (sr.length > 8 * 1024 + 5) { return (DNS_R_EXTRADATA); } + if (sr.length > 5 && sr.base[sr.length - 1] == 0) { + return (DNS_R_FORMERR); + } if (tr.length < sr.length) { return (ISC_R_NOSPACE); } diff --git a/lib/isc/base32.c b/lib/isc/base32.c index 2c4698413a..d280dc2031 100644 --- a/lib/isc/base32.c +++ b/lib/isc/base32.c @@ -215,7 +215,7 @@ base32_decode_char(base32_decode_ctx_t *ctx, int c) { if ((ctx->val[3] & 0x0f) != 0) { return (ISC_R_BADBASE32); } - ctx->seen_32 = 3; + ctx->seen_32 = 2; break; case 5: if ((ctx->val[4] & 0x01) != 0) {