New release 0.3.4
This commit is contained in:
parent
68e2e147a9
commit
8455d69433
|
@ -7,7 +7,10 @@ iodine - IP over DNS is now easy
|
||||||
|
|
||||||
CHANGES:
|
CHANGES:
|
||||||
|
|
||||||
2006-xx-xx: 0.3.4
|
2006-11-08: 0.3.4
|
||||||
|
- Fixed handshake() buffer overflow
|
||||||
|
(Found by poplix, Secunia: SA22674 / FrSIRT/ADV-2006-4333)
|
||||||
|
- Added more tests
|
||||||
- More name parsing enhancements
|
- More name parsing enhancements
|
||||||
- Now runs on Linux/AMD64
|
- Now runs on Linux/AMD64
|
||||||
- Added setting to change server port
|
- Added setting to change server port
|
||||||
|
|
6
dns.c
6
dns.c
|
@ -67,7 +67,7 @@ open_dns(const char *domain, int localport, in_addr_t listen_ip)
|
||||||
int flag;
|
int flag;
|
||||||
struct sockaddr_in addr;
|
struct sockaddr_in addr;
|
||||||
|
|
||||||
bzero(&addr, sizeof(addr));
|
memset(&addr, 0, sizeof(addr));
|
||||||
addr.sin_family = AF_INET;
|
addr.sin_family = AF_INET;
|
||||||
addr.sin_port = htons(localport);
|
addr.sin_port = htons(localport);
|
||||||
/* listen_ip already in network byte order from inet_addr, or 0 */
|
/* listen_ip already in network byte order from inet_addr, or 0 */
|
||||||
|
@ -111,7 +111,7 @@ dns_settarget(const char *host)
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
bzero(&peer, sizeof(peer));
|
memset(&peer, 0, sizeof(peer));
|
||||||
peer.sin_family = AF_INET;
|
peer.sin_family = AF_INET;
|
||||||
peer.sin_port = htons(53);
|
peer.sin_port = htons(53);
|
||||||
peer.sin_addr = *((struct in_addr *) h->h_addr);
|
peer.sin_addr = *((struct in_addr *) h->h_addr);
|
||||||
|
@ -236,7 +236,7 @@ dns_write(int fd, int id, char *buf, int len, char flag)
|
||||||
char *d;
|
char *d;
|
||||||
|
|
||||||
avail = 0xFF - strlen(topdomain) - 2;
|
avail = 0xFF - strlen(topdomain) - 2;
|
||||||
bzero(data, sizeof(data));
|
memset(data, 0, sizeof(data));
|
||||||
d = data;
|
d = data;
|
||||||
written = encode_data(buf, len, avail, d, flag);
|
written = encode_data(buf, len, avail, d, flag);
|
||||||
encoded = strlen(data);
|
encoded = strlen(data);
|
||||||
|
|
|
@ -127,6 +127,7 @@ encode_data(char *buf, int len, int space, char *dest, char flag)
|
||||||
chunks = write / RAW_CHUNK;
|
chunks = write / RAW_CHUNK;
|
||||||
leftovers = write % RAW_CHUNK;
|
leftovers = write % RAW_CHUNK;
|
||||||
|
|
||||||
|
// flag is special character to be placed first in the encoded data
|
||||||
if (flag != 0) {
|
if (flag != 0) {
|
||||||
*dest = flag;
|
*dest = flag;
|
||||||
} else {
|
} else {
|
||||||
|
@ -135,7 +136,7 @@ encode_data(char *buf, int len, int space, char *dest, char flag)
|
||||||
}
|
}
|
||||||
dest++;
|
dest++;
|
||||||
|
|
||||||
bzero(encoded, sizeof(encoded));
|
memset(encoded, 0, sizeof(encoded));
|
||||||
ep = encoded;
|
ep = encoded;
|
||||||
dp = buf;
|
dp = buf;
|
||||||
for (i = 0; i < chunks; i++) {
|
for (i = 0; i < chunks; i++) {
|
||||||
|
@ -144,7 +145,7 @@ encode_data(char *buf, int len, int space, char *dest, char flag)
|
||||||
dp += RAW_CHUNK;
|
dp += RAW_CHUNK;
|
||||||
}
|
}
|
||||||
realwrite = ENC_CHUNK * chunks;
|
realwrite = ENC_CHUNK * chunks;
|
||||||
bzero(padding, sizeof(padding));
|
memset(padding, 0, sizeof(padding));
|
||||||
pp = padding;
|
pp = padding;
|
||||||
if (leftovers) {
|
if (leftovers) {
|
||||||
pp += RAW_CHUNK - leftovers;
|
pp += RAW_CHUNK - leftovers;
|
||||||
|
@ -187,7 +188,7 @@ decode_data(char *dest, int size, const char *src, char *srcend)
|
||||||
dest++;
|
dest++;
|
||||||
src++;
|
src++;
|
||||||
|
|
||||||
bzero(encoded, sizeof(encoded));
|
memset(encoded, 0, sizeof(encoded));
|
||||||
ep = encoded;
|
ep = encoded;
|
||||||
while(len < size && src < srcend) {
|
while(len < size && src < srcend) {
|
||||||
if(*src == '.') {
|
if(*src == '.') {
|
||||||
|
|
40
test.c
40
test.c
|
@ -29,6 +29,7 @@
|
||||||
#include <assert.h>
|
#include <assert.h>
|
||||||
|
|
||||||
#include "structs.h"
|
#include "structs.h"
|
||||||
|
#include "encoding.h"
|
||||||
#include "dns.h"
|
#include "dns.h"
|
||||||
#include "read.h"
|
#include "read.h"
|
||||||
|
|
||||||
|
@ -144,31 +145,31 @@ test_readname()
|
||||||
printf(" * Testing readname... ");
|
printf(" * Testing readname... ");
|
||||||
fflush(stdout);
|
fflush(stdout);
|
||||||
|
|
||||||
bzero(buf, sizeof(buf));
|
memset(buf, 0, sizeof(buf));
|
||||||
data = emptyloop + sizeof(HEADER);
|
data = emptyloop + sizeof(HEADER);
|
||||||
buf[1023] = 'A';
|
buf[1023] = 'A';
|
||||||
rv = readname(emptyloop, sizeof(emptyloop), &data, buf, 1023);
|
rv = readname(emptyloop, sizeof(emptyloop), &data, buf, 1023);
|
||||||
assert(buf[1023] == 'A');
|
assert(buf[1023] == 'A');
|
||||||
|
|
||||||
bzero(buf, sizeof(buf));
|
memset(buf, 0, sizeof(buf));
|
||||||
data = infloop + sizeof(HEADER);
|
data = infloop + sizeof(HEADER);
|
||||||
buf[4] = '\a';
|
buf[4] = '\a';
|
||||||
rv = readname(infloop, sizeof(infloop), &data, buf, 4);
|
rv = readname(infloop, sizeof(infloop), &data, buf, 4);
|
||||||
assert(buf[4] == '\a');
|
assert(buf[4] == '\a');
|
||||||
|
|
||||||
bzero(buf, sizeof(buf));
|
memset(buf, 0, sizeof(buf));
|
||||||
data = longname + sizeof(HEADER);
|
data = longname + sizeof(HEADER);
|
||||||
buf[256] = '\a';
|
buf[256] = '\a';
|
||||||
rv = readname(longname, sizeof(longname), &data, buf, 256);
|
rv = readname(longname, sizeof(longname), &data, buf, 256);
|
||||||
assert(buf[256] == '\a');
|
assert(buf[256] == '\a');
|
||||||
|
|
||||||
bzero(buf, sizeof(buf));
|
memset(buf, 0, sizeof(buf));
|
||||||
data = onejump + sizeof(HEADER);
|
data = onejump + sizeof(HEADER);
|
||||||
rv = readname(onejump, sizeof(onejump), &data, buf, 256);
|
rv = readname(onejump, sizeof(onejump), &data, buf, 256);
|
||||||
assert(rv == 9);
|
assert(rv == 9);
|
||||||
|
|
||||||
// These two tests use malloc to cause segfault if jump is executed
|
// These two tests use malloc to cause segfault if jump is executed
|
||||||
bzero(buf, sizeof(buf));
|
memset(buf, 0, sizeof(buf));
|
||||||
jumper = malloc(sizeof(badjump));
|
jumper = malloc(sizeof(badjump));
|
||||||
if (jumper) {
|
if (jumper) {
|
||||||
memcpy(jumper, badjump, sizeof(badjump));
|
memcpy(jumper, badjump, sizeof(badjump));
|
||||||
|
@ -178,13 +179,14 @@ test_readname()
|
||||||
}
|
}
|
||||||
free(jumper);
|
free(jumper);
|
||||||
|
|
||||||
bzero(buf, sizeof(buf));
|
memset(buf, 0, sizeof(buf));
|
||||||
jumper = malloc(sizeof(badjump2));
|
jumper = malloc(sizeof(badjump2));
|
||||||
if (jumper) {
|
if (jumper) {
|
||||||
memcpy(jumper, badjump2, sizeof(badjump2));
|
memcpy(jumper, badjump2, sizeof(badjump2));
|
||||||
data = jumper + sizeof(HEADER);
|
data = jumper + sizeof(HEADER);
|
||||||
rv = readname(jumper, sizeof(badjump2), &data, buf, 256);
|
rv = readname(jumper, sizeof(badjump2), &data, buf, 256);
|
||||||
assert(rv == 4);
|
assert(rv == 4);
|
||||||
|
assert(strcmp("BA.", buf) == 0);
|
||||||
}
|
}
|
||||||
free(jumper);
|
free(jumper);
|
||||||
|
|
||||||
|
@ -219,6 +221,31 @@ test_encode_hostname() {
|
||||||
printf("OK\n");
|
printf("OK\n");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
test_base32() {
|
||||||
|
char temp[256];
|
||||||
|
char *start = "HELLOTEST";
|
||||||
|
char *out = "1HELLOTEST";
|
||||||
|
char *end;
|
||||||
|
char *tempend;
|
||||||
|
int codedlength;
|
||||||
|
|
||||||
|
printf(" * Testing base32 encoding... ");
|
||||||
|
fflush(stdout);
|
||||||
|
|
||||||
|
memset(temp, 0, sizeof(temp));
|
||||||
|
end = malloc(16);
|
||||||
|
memset(end, 0, 16);
|
||||||
|
|
||||||
|
codedlength = encode_data(start, 9, 256, temp, 0);
|
||||||
|
tempend = temp + strlen(temp);
|
||||||
|
decode_data(end, 16, temp, tempend);
|
||||||
|
assert(strcmp(out, end) == 0);
|
||||||
|
free(end);
|
||||||
|
|
||||||
|
printf("OK\n");
|
||||||
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
main()
|
main()
|
||||||
{
|
{
|
||||||
|
@ -228,6 +255,7 @@ main()
|
||||||
test_readputlong();
|
test_readputlong();
|
||||||
test_readname();
|
test_readname();
|
||||||
test_encode_hostname();
|
test_encode_hostname();
|
||||||
|
test_base32();
|
||||||
|
|
||||||
printf("** All went well :)\n");
|
printf("** All went well :)\n");
|
||||||
return 0;
|
return 0;
|
||||||
|
|
Loading…
Reference in New Issue