From 4f8f53d080c6807f959a772279fdee5982384a9e Mon Sep 17 00:00:00 2001
From: David Cannings
Date: Mon, 11 May 2015 21:51:38 +0100
Subject: [PATCH] Fix rcode parsing, as noticed by Coverity.

Without support for OPT RR from RFC6891 (Extension mechanisms for DNS) values of RCODE above 15 are not possible. Remove dead code which will never match.
---
 src/app-layer-dns-common.h | 2 ++
 src/app-layer-dns-tcp.c | 2 +-
 src/app-layer-dns-udp.c | 2 +-
 3 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/app-layer-dns-common.h b/src/app-layer-dns-common.h
index 1a06f8d1dc..203b2908e6 100644
--- a/src/app-layer-dns-common.h
+++ b/src/app-layer-dns-common.h
@@ -71,6 +71,8 @@
 #define DNS_RCODE_NXRRSET 8
 #define DNS_RCODE_NOTAUTH 9
 #define DNS_RCODE_NOTZONE 10
+// Support for OPT RR from RFC6891 will be needed to
+// parse RCODE values over 15
 #define DNS_RCODE_BADVERS 16
 #define DNS_RCODE_BADSIG 16
 #define DNS_RCODE_BADKEY 17
diff --git a/src/app-layer-dns-tcp.c b/src/app-layer-dns-tcp.c
index 0842c6686e..840a0f8086 100644
--- a/src/app-layer-dns-tcp.c
+++ b/src/app-layer-dns-tcp.c
@@ -449,7 +449,7 @@ static int DNSReponseParseData(Flow *f, DNSState *dns_state, const uint8_t *inpu
 /* parse rcode, e.g. "noerror" or "nxdomain" */
 uint8_t rcode = ntohs(dns_header->flags) & 0x0F;
- if (rcode <= DNS_RCODE_NOTZONE || (rcode >= DNS_RCODE_BADSIG && rcode <= DNS_RCODE_BADTRUNC)) {
+ if (rcode <= DNS_RCODE_NOTZONE) {
 SCLogDebug("rcode %u", rcode);
 if (tx != NULL)
 tx->rcode = rcode;
diff --git a/src/app-layer-dns-udp.c b/src/app-layer-dns-udp.c
index bb0c73bf55..eb87849c52 100644
--- a/src/app-layer-dns-udp.c
+++ b/src/app-layer-dns-udp.c
@@ -271,7 +271,7 @@ static int DNSUDPResponseParse(Flow *f, void *dstate,
 /* parse rcode, e.g. "noerror" or "nxdomain" */
 uint8_t rcode = ntohs(dns_header->flags) & 0x0F;
- if (rcode <= DNS_RCODE_NOTZONE || (rcode >= DNS_RCODE_BADSIG && rcode <= DNS_RCODE_BADTRUNC)) {
+ if (rcode <= DNS_RCODE_NOTZONE) {
 SCLogDebug("rcode %u", rcode);
 if (tx != NULL)
 tx->rcode = rcode;
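Review bot: In both DNSUDPResponseParse (src/app-layer-dns-udp.c) and DNSReponseParseData (src/app-layer-dns-tcp.c), header RCODE values 11 to 15 pass the `0x0F` mask but fail `rcode <= DNS_RCODE_NOTZONE`, so in the visible lines they are never copied into `tx->rcode`. If nothing after the hunk stores them, a response carrying an unassigned RCODE would be logged and matched with whatever `tx->rcode` held before, which is a visibility gap for detection on DNS responses. Since the mask already bounds the value to four bits, consider recording it unconditionally with `if (tx != NULL) tx->rcode = rcode;` and keeping the range test only to flag the unexpected values. The rest of the branch lies outside both hunks, so confirm what the else path does before changing it.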