tests: net: dns: packet: Add test case for compression bit in CNAME Add checks that we will be able to catch invalid compression bit in response CNAME handling. Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>

commit: e58407c5bfb51f4ab9fd6f72ed9f80f223db53fe [log] [tgz]
author: Jukka Rissanen <jukka.rissanen@nordicsemi.no> Thu Mar 27 14:23:04 2025 +0200
committer: Benjamin Cabé <kartben@gmail.com> Mon Mar 31 22:00:36 2025 +0200
tree: 0d449d3b6ec575069bf561df7c8891a506437bfa
parent: 137eba4e40ca417f90093813ea5bf82dccee136a [diff]
diff --git a/tests/net/lib/dns_packet/src/main.c b/tests/net/lib/dns_packet/src/main.c
index a961c75..0cb7c4a 100644
--- a/tests/net/lib/dns_packet/src/main.c
+++ b/tests/net/lib/dns_packet/src/main.c

@@ -1372,6 +1372,168 @@
 	net_buf_unref(dns_cname);
 }
 
+static uint8_t invalid_compression_response_ipv4[] = {
+	/* DNS msg header (12 bytes) */
+	0x74, 0xe1, 0x81, 0x80, 0x00, 0x01, 0x00, 0x01,
+	0x00, 0x00, 0x00, 0x00,
+
+	/* Query string */
+	0x0e, 0x77, 0x65, 0x73,	0x74, 0x75, 0x73, 0x32,
+	0x2d, 0x70, 0x72, 0x6f, 0x64, 0x2d, 0x32, 0x0d,
+	0x6e, 0x6f, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x05, 0x74, 0x65,
+	0x61, 0x6d, 0x73, 0x09, 0x6d, 0x69, 0x63, 0x72,
+	0x6f, 0x73, 0x6f, 0x66, 0x74, 0x03, 0x63, 0x6f,
+	0x6d, 0x00,
+
+	/* Type */
+	0x00, 0x01,
+
+	/* Class */
+	0x00, 0x01,
+
+	/* Answer 1 */
+	0xb0, 0x0c, /* <--- invalid compression pointer */
+
+	/* Answer type (cname) */
+	0x00, 0x05,
+
+	/* Class */
+	0x00, 0x01,
+
+	/* TTL */
+	0x00, 0x00, 0x00, 0x04,
+
+	/* RR data length */
+	0x00, 0x02,
+
+	/* Data */
+	0xc0, 0x0c,
+};
+
+ZTEST(dns_packet, test_dns_invalid_compress_bits)
+{
+	static const uint8_t query[] = {
+		/* Query string */
+		0x0e, 0x77, 0x65, 0x73,	0x74, 0x75, 0x73, 0x32,
+		0x2d, 0x70, 0x72, 0x6f, 0x64, 0x2d, 0x32, 0x0d,
+		0x6e, 0x6f, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61,
+		0x74, 0x69, 0x6f, 0x6e, 0x73, 0x05, 0x74, 0x65,
+		0x61, 0x6d, 0x73, 0x09, 0x6d, 0x69, 0x63, 0x72,
+		0x6f, 0x73, 0x6f, 0x66, 0x74, 0x03, 0x63, 0x6f,
+		0x6d, 0x00,
+
+		/* Type */
+		0x00, 0x01,
+	};
+	struct dns_msg_t dns_msg = { 0 };
+	uint16_t dns_id = 0;
+	int query_idx = -1;
+	uint16_t query_hash = 0;
+	struct net_buf *dns_cname;
+	int ret;
+
+	dns_cname = net_buf_alloc(&dns_qname_pool_for_test, dns_ctx.buf_timeout);
+	zassert_not_null(dns_cname, "Out of mem");
+
+	dns_msg.msg = invalid_compression_response_ipv4;
+	dns_msg.msg_size = sizeof(invalid_compression_response_ipv4);
+
+	dns_id = dns_unpack_header_id(dns_msg.msg);
+
+	setup_dns_context(&dns_ctx, 0, dns_id, query, sizeof(query),
+			  DNS_QUERY_TYPE_A);
+
+	ret = dns_validate_msg(&dns_ctx, &dns_msg, &dns_id, &query_idx,
+			       dns_cname, &query_hash);
+	zassert_true(ret == DNS_EAI_SYSTEM && errno == EINVAL,
+		     "[%s] DNS message was valid (%d / %d)",
+		     "invalid compression rsp", ret, errno);
+
+	net_buf_unref(dns_cname);
+}
+
+static uint8_t invalid_compression_response_cname_ipv4[] = {
+	/* DNS msg header (12 bytes) */
+	0x74, 0xe1, 0x81, 0x80, 0x00, 0x01, 0x00, 0x01,
+	0x00, 0x00, 0x00, 0x00,
+
+	/* Query string */
+	0x0e, 0x77, 0x65, 0x73,	0x74, 0x75, 0x73, 0x32,
+	0x2d, 0x70, 0x72, 0x6f, 0x64, 0x2d, 0x32, 0x0d,
+	0x6e, 0x6f, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x05, 0x74, 0x65,
+	0x61, 0x6d, 0x73, 0x09, 0x6d, 0x69, 0x63, 0x72,
+	0x6f, 0x73, 0x6f, 0x66, 0x74, 0x03, 0x63, 0x6f,
+	0x6d, 0x00,
+
+	/* Type */
+	0x00, 0x01,
+
+	/* Class */
+	0x00, 0x01,
+
+	/* Answer 1 */
+	0xc0, 0x0c,
+
+	/* Answer type (cname) */
+	0x00, 0x05,
+
+	/* Class */
+	0x00, 0x01,
+
+	/* TTL */
+	0x00, 0x00, 0x00, 0x04,
+
+	/* RR data length */
+	0x00, 0x02,
+
+	/* Data */
+	0xb0, 0x0c, /* <--- invalid compression pointer */
+};
+
+ZTEST(dns_packet, test_dns_invalid_compress_bits_cname)
+{
+	static const uint8_t query[] = {
+		/* Query string */
+		0x0e, 0x77, 0x65, 0x73,	0x74, 0x75, 0x73, 0x32,
+		0x2d, 0x70, 0x72, 0x6f, 0x64, 0x2d, 0x32, 0x0d,
+		0x6e, 0x6f, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61,
+		0x74, 0x69, 0x6f, 0x6e, 0x73, 0x05, 0x74, 0x65,
+		0x61, 0x6d, 0x73, 0x09, 0x6d, 0x69, 0x63, 0x72,
+		0x6f, 0x73, 0x6f, 0x66, 0x74, 0x03, 0x63, 0x6f,
+		0x6d, 0x00,
+
+		/* Type */
+		0x00, 0x01,
+	};
+	struct dns_msg_t dns_msg = { 0 };
+	uint16_t dns_id = 0;
+	int query_idx = -1;
+	uint16_t query_hash = 0;
+	struct net_buf *dns_cname;
+	int ret;
+
+	dns_cname = net_buf_alloc(&dns_qname_pool_for_test, dns_ctx.buf_timeout);
+	zassert_not_null(dns_cname, "Out of mem");
+
+	dns_msg.msg = invalid_compression_response_cname_ipv4;
+	dns_msg.msg_size = sizeof(invalid_compression_response_cname_ipv4);
+
+	dns_id = dns_unpack_header_id(dns_msg.msg);
+
+	setup_dns_context(&dns_ctx, 0, dns_id, query, sizeof(query),
+			  DNS_QUERY_TYPE_A);
+
+	ret = dns_validate_msg(&dns_ctx, &dns_msg, &dns_id, &query_idx,
+			       dns_cname, &query_hash);
+	zassert_true(ret == DNS_EAI_SYSTEM && errno == EINVAL,
+		     "[%s] DNS message was valid (%d / %d)",
+		     "invalid compression rsp", ret, errno);
+
+	net_buf_unref(dns_cname);
+}
+
 ZTEST_SUITE(dns_packet, NULL, NULL, NULL, NULL, NULL);
 /* TODO:
  *	1) add malformed DNS data (mostly done)
commit	e58407c5bfb51f4ab9fd6f72ed9f80f223db53fe	[log] [tgz]
author	Jukka Rissanen <jukka.rissanen@nordicsemi.no>	Thu Mar 27 14:23:04 2025 +0200
committer	Benjamin Cabé <kartben@gmail.com>	Mon Mar 31 22:00:36 2025 +0200
tree	0d449d3b6ec575069bf561df7c8891a506437bfa
parent	137eba4e40ca417f90093813ea5bf82dccee136a [diff]