DNS name pointer
Barry Margolin
barmar at alum.mit.edu
Thu Apr 27 01:36:09 UTC 2006
In article <e2o7gr$1mno$1 at sf1.isc.org>,
Chris Thompson <cet1 at hermes.cam.ac.uk> wrote:
> On Apr 26 2006, Barry Margolin wrote:
>
> >In article <e2m8t1$2fkg$1 at sf1.isc.org>,
> > Kevin Darcy <kcd at daimlerchrysler.com> wrote:
> >
> >> Rohit Tandon wrote:
> >>
> >> >Hi All,
> >> >
> >> >I was wondering if the NAME pointers that are used during compression
> >> >of a DNS packet can actually point to another pointer within the DNS
> >> >message. Is there any restriction that pointers should point to only
> >> >NAME or part of a NAME?
> >> >
> >> Offhand, I don't see any explicit restriction on that in the RFCs, but
> >> what would be the value of adding the extra level(s) of indirection? I
> >> see only risks, since probably most DNS implementations wouldn't expect
> >> it and might handle it badly, and no benefits.
> >
> >You're right that there's not much point to pointing directly to another
> >pointer.
>
> I'm inclined to think that "implementations ... might handle it badly"
> is closer to the mark. A decompressor needs a loop stopper, and one
> obvious choice is
>
> 1. make sure you only read from inside the (DNS) packet
> 2. make sure the expanded name doesn't go over 255 bytes
> 3. make sure that a pointer never points directly to another pointer
>
> Without (3) you could be in deep trouble. An alternative which I suspect
> may sometimes be used is
>
> 3'. make sure pointers always go backwards
>
> Not that (3) or (3') can be strictly justified by appeal to the RFCs, afaik.

Another simple choice, which is used in many other contexts (e.g. CNAME
loops), is a recursion limit. I think a limit as low as 5 would be
practical in DNS.
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***
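
The loop stoppers discussed in this thread, as an added example that is not part of the original posts or of BIND's code: a name decompressor in C that applies checks 1 and 2 from the quoted list, the backwards-only rule (3'), and the hop limit of 5 suggested in the reply. The function name, error codes and sample packet are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MAX_WIRE_NAME 255  /* check 2: limit on the expanded name */
#define MAX_HOPS 5         /* hop limit suggested in the reply */
enum { E_BOUNDS = -1, E_TOOLONG = -2, E_FORWARD = -3, E_HOPS = -4, E_LABEL = -5 };

/* Constructed sample: 12-byte header, "example.com" at 12, "www"+pointer at 25, self-pointer at 31 */
static const uint8_t sample[] = { 0,0,0,0,0,0,0,0,0,0,0,0,
    7,'e','x','a','m','p','l','e', 3,'c','o','m', 0,
    3,'w','w','w', 0xC0,12,  0xC0,31 };

/* Expand the name at msg[off] into dotted text in out (caller supplies >= 256 bytes).
 * Returns the text length, or a negative E_* code. */
int expand_name(const uint8_t *msg, size_t len, size_t off, char *out)
{
    size_t wire = 1;   /* expanded wire length, counting the root byte */
    size_t n = 0;      /* bytes written to out */
    int hops = 0;      /* pointers followed so far */

    for (;;) {
        if (off >= len) return E_BOUNDS;                 /* check 1 */
        uint8_t b = msg[off];
        if ((b & 0xC0) == 0xC0) {                        /* compression pointer */
            if (off + 1 >= len) return E_BOUNDS;         /* check 1 */
            size_t target = ((size_t)(b & 0x3F) << 8) | msg[off + 1];
            if (target >= off) return E_FORWARD;         /* check 3': backwards only */
            if (++hops > MAX_HOPS) return E_HOPS;        /* hop limit */
            off = target;
            continue;
        }
        if (b & 0xC0) return E_LABEL;                    /* 01 and 10 prefixes are reserved */
        if (b == 0) break;                               /* root label: name complete */
        if (off + 1 + b > len) return E_BOUNDS;          /* check 1 */
        wire += 1 + (size_t)b;
        if (wire > MAX_WIRE_NAME) return E_TOOLONG;      /* check 2 */
        memcpy(out + n, msg + off + 1, b);
        n += b;
        out[n++] = '.';
        off += 1 + (size_t)b;
    }
    if (n == 0) out[n++] = '.';                          /* bare root name */
    out[n] = '\0';
    return (int)n;
}
```

Either the backwards-only rule or the hop limit is enough on its own to guarantee termination; with both in place, a pointer to an earlier pointer is accepted but the chain is capped at five hops.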