1 
2 /* Copyright 1998 by the Massachusetts Institute of Technology.
3  * Copyright 2005 Dominick Meglio
4  *
5  * Permission to use, copy, modify, and distribute this
6  * software and its documentation for any purpose and without
7  * fee is hereby granted, provided that the above copyright
8  * notice appear in all copies and that both that copyright
9  * notice and this permission notice appear in supporting
10  * documentation, and that the name of M.I.T. not be used in
11  * advertising or publicity pertaining to distribution of the
12  * software without specific, written prior permission.
13  * M.I.T. makes no representations about the suitability of
14  * this software for any purpose.  It is provided "as is"
15  * without express or implied warranty.
16  */
17 
18 #include "ares_setup.h"
19 
20 #ifdef HAVE_NETINET_IN_H
21 #  include <netinet/in.h>
22 #endif
23 #ifdef HAVE_NETDB_H
24 #  include <netdb.h>
25 #endif
26 #ifdef HAVE_ARPA_INET_H
27 #  include <arpa/inet.h>
28 #endif
29 #ifdef HAVE_ARPA_NAMESER_H
30 #  include <arpa/nameser.h>
31 #else
32 #  include "nameser.h"
33 #endif
34 #ifdef HAVE_ARPA_NAMESER_COMPAT_H
35 #  include <arpa/nameser_compat.h>
36 #endif
37 
38 #ifdef HAVE_STRINGS_H
39 #  include <strings.h>
40 #endif
41 
42 #ifdef HAVE_LIMITS_H
43 #  include <limits.h>
44 #endif
45 
46 #include "ares.h"
47 #include "ares_dns.h"
48 #include "ares_inet_net_pton.h"
49 #include "ares_private.h"
50 
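/*
 * Parse the DNS response held in abuf[0 .. alen) as the answer to an AAAA
 * query.
 *
 * The buffer comes off the network and is untrusted. Every read from it is
 * preceded by a length check, and those checks compare against the number of
 * bytes remaining instead of forming a pointer beyond the end of the buffer.
 *
 *   abuf, alen  raw response and its length in bytes
 *   host        if non-NULL, receives a newly allocated struct hostent on
 *               ARES_SUCCESS (the caller then owns it); set to NULL on every
 *               failure
 *   addrttls    optional array that receives address/TTL pairs
 *   naddrttls   in: capacity of addrttls; out: number of entries written
 *               (0 on failure). A negative capacity is treated as 0.
 *
 * Returns ARES_SUCCESS, ARES_EBADRESP (short or malformed response),
 * ARES_ENODATA (no matching AAAA record and no CNAME record), ARES_ENOMEM,
 * or the error reported by ares__expand_name_for_response().
 */
int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
                          struct hostent **host, struct ares_addr6ttl *addrttls,
                          int *naddrttls)
{
  unsigned int qdcount, ancount;
  int status, i, rr_type, rr_class, rr_len, rr_ttl, naddrs;
  int cname_ttl = INT_MAX;  /* the TTL imposed by the CNAME chain */
  int naliases;
  long len;
  const unsigned char *aptr;
  const unsigned char *aend;  /* one past the last byte of the response */
  char *hostname, *rr_name, *rr_data, **aliases;
  struct ares_in6_addr *addrs;
  struct hostent *hostent;
  /* Capacity of addrttls. A missing array or a non-positive count means no
   * entries may be written, so *naddrttls is never reported as negative. */
  const int max_addr_ttls =
    (addrttls && naddrttls && *naddrttls > 0) ? *naddrttls : 0;

  /* Set *host to NULL for all failure cases. */
  if (host)
    *host = NULL;
  /* Same with *naddrttls. */
  if (naddrttls)
    *naddrttls = 0;

  /* Give up if abuf doesn't have room for a header. */
  if (alen < HFIXEDSZ)
    return ARES_EBADRESP;
  aend = abuf + alen;

  /* Fetch the question and answer count from the header. */
  qdcount = DNS_HEADER_QDCOUNT(abuf);
  ancount = DNS_HEADER_ANCOUNT(abuf);
  if (qdcount != 1)
    return ARES_EBADRESP;

  /* Expand the name from the question, and skip past the question. */
  aptr = abuf + HFIXEDSZ;
  status = ares__expand_name_for_response(aptr, abuf, alen, &hostname, &len);
  if (status != ARES_SUCCESS)
    return status;
  if (len < 0 || len + QFIXEDSZ > aend - aptr)
    {
      ares_free(hostname);
      return ARES_EBADRESP;
    }
  aptr += len + QFIXEDSZ;

  /* An empty answer section can hold neither an address nor an alias.
   * Returning here also avoids a zero-byte allocation, which an allocator may
   * answer with NULL and which would then be misreported as ARES_ENOMEM. */
  if (ancount == 0)
    {
      ares_free(hostname);
      return ARES_ENODATA;
    }

  /* Allocate addresses and aliases; ancount gives an upper bound for both,
   * because each answer RR adds at most one address or one alias. */
  if (host)
    {
      addrs = ares_malloc(ancount * sizeof(struct ares_in6_addr));
      if (!addrs)
        {
          ares_free(hostname);
          return ARES_ENOMEM;
        }
      /* One extra slot for the terminating NULL. */
      aliases = ares_malloc((ancount + 1) * sizeof(char *));
      if (!aliases)
        {
          ares_free(hostname);
          ares_free(addrs);
          return ARES_ENOMEM;
        }
    }
  else
    {
      addrs = NULL;
      aliases = NULL;
    }
  naddrs = 0;
  naliases = 0;

  /* Examine each answer resource record (RR) in turn. */
  for (i = 0; i < (int)ancount; i++)
    {
      /* Decode the RR up to the data field. */
      status = ares__expand_name_for_response(aptr, abuf, alen, &rr_name, &len);
      if (status != ARES_SUCCESS)
        break;
      aptr += len;
      /* The fixed part of the RR must lie inside the buffer before any of
       * its fields is read. */
      if (aend - aptr < RRFIXEDSZ)
        {
          ares_free(rr_name);
          status = ARES_EBADRESP;
          break;
        }
      rr_type = DNS_RR_TYPE(aptr);
      rr_class = DNS_RR_CLASS(aptr);
      rr_len = DNS_RR_LEN(aptr);
      /* NOTE(review): rr_ttl is a signed int; a wire TTL with the top bit set
       * would presumably be stored as a negative value - confirm how callers
       * treat that. */
      rr_ttl = DNS_RR_TTL(aptr);
      aptr += RRFIXEDSZ;
      /* rr_len is taken from the packet: make sure the data it announces is
       * really present. */
      if (rr_len > aend - aptr)
        {
          ares_free(rr_name);
          status = ARES_EBADRESP;
          break;
        }

      /* An address is accepted only if it is a 16-byte IN/AAAA record whose
       * owner name equals the name currently being followed. */
      if (rr_class == C_IN && rr_type == T_AAAA
          && rr_len == sizeof(struct ares_in6_addr)
          && strcasecmp(rr_name, hostname) == 0)
        {
          if (addrs)
            {
              if ((int)sizeof(struct ares_in6_addr) > aend - aptr)
              {  /* LCOV_EXCL_START: already checked above */
                ares_free(rr_name);
                status = ARES_EBADRESP;
                break;
              }  /* LCOV_EXCL_STOP */
              memcpy(&addrs[naddrs], aptr, sizeof(struct ares_in6_addr));
            }
          /* Addresses beyond the caller's capacity are counted but not
           * stored in addrttls. */
          if (naddrs < max_addr_ttls)
            {
              struct ares_addr6ttl * const at = &addrttls[naddrs];
              if ((int)sizeof(struct ares_in6_addr) > aend - aptr)
              {  /* LCOV_EXCL_START: already checked above */
                ares_free(rr_name);
                status = ARES_EBADRESP;
                break;
              }  /* LCOV_EXCL_STOP */
              memcpy(&at->ip6addr, aptr,  sizeof(struct ares_in6_addr));
              at->ttl = rr_ttl;
            }
          naddrs++;
          status = ARES_SUCCESS;
        }

      if (rr_class == C_IN && rr_type == T_CNAME)
        {
          /* Record the RR name as an alias. Once stored, the final cleanup
           * loop owns it, so the error path below must not free it again. */
          if (aliases)
            aliases[naliases] = rr_name;
          else
            ares_free(rr_name);
          naliases++;

          /* Decode the RR data and replace the hostname with it.
           * NOTE(review): the encoded length of the target name is not
           * compared with rr_len; the expansion is presumably bounded by
           * alen inside the helper - confirm. */
          status = ares__expand_name_for_response(aptr, abuf, alen, &rr_data,
                                                  &len);
          if (status != ARES_SUCCESS)
            break;
          ares_free(hostname);
          hostname = rr_data;

          /* Take the min of the TTLs we see in the CNAME chain. */
          if (cname_ttl > rr_ttl)
            cname_ttl = rr_ttl;
        }
      else
        ares_free(rr_name);

      aptr += rr_len;
      if (aptr > aend)
        {  /* LCOV_EXCL_START: already checked above */
          status = ARES_EBADRESP;
          break;
        }  /* LCOV_EXCL_STOP */
    }

  /* the check for naliases to be zero is to make sure CNAME responses
     don't get caught here */
  if (status == ARES_SUCCESS && naddrs == 0 && naliases == 0)
    status = ARES_ENODATA;
  if (status == ARES_SUCCESS)
    {
      /* We got our answer. */
      if (naddrttls)
        {
          const int n = naddrs < max_addr_ttls ? naddrs : max_addr_ttls;
          for (i = 0; i < n; i++)
            {
              /* Ensure that each AAAA TTL is no larger than the CNAME TTL. */
              if (addrttls[i].ttl > cname_ttl)
                addrttls[i].ttl = cname_ttl;
            }
          *naddrttls = n;
        }
      if (aliases)
        aliases[naliases] = NULL;
      if (host)
        {
          /* Allocate memory to build the host entry. */
          hostent = ares_malloc(sizeof(struct hostent));
          if (hostent)
            {
              hostent->h_addr_list = ares_malloc((naddrs + 1) * sizeof(char *));
              if (hostent->h_addr_list)
                {
                  /* Fill in the hostent and return successfully. hostname,
                   * aliases and (when non-empty) addrs are handed over to the
                   * hostent here, which is why this path skips the cleanup
                   * at the end of the function. */
                  hostent->h_name = hostname;
                  hostent->h_aliases = aliases;
                  hostent->h_addrtype = AF_INET6;
                  hostent->h_length = sizeof(struct ares_in6_addr);
                  for (i = 0; i < naddrs; i++)
                    hostent->h_addr_list[i] = (char *) &addrs[i];
                  hostent->h_addr_list[naddrs] = NULL;
                  /* With no addresses nothing points into addrs, so it would
                   * otherwise be leaked. */
                  if (!naddrs && addrs)
                    ares_free(addrs);
                  *host = hostent;
                  return ARES_SUCCESS;
                }
              ares_free(hostent);
            }
          status = ARES_ENOMEM;
        }
    }
  /* Failure, or success without a hostent requested: release everything that
   * was not handed to the caller. */
  if (aliases)
    {
      for (i = 0; i < naliases; i++)
        ares_free(aliases[i]);
      ares_free(aliases);
    }
  ares_free(addrs);
  ares_free(hostname);
  return status;
}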
265