Handle packing of empty RDATA correctly for EDNS0_EXPIRE (Resolves #1292) #1293

dmavrommatis · 2021-09-04T13:59:39Z

Issue explained in #1292

miekg · 2021-09-04T17:44:09Z

Thanks. Could you provide a better description in your commit. uint32 was plain wrong? Where in the RFC do I need to look? Etc.

dmavrommatis · 2021-09-06T07:26:59Z

I've documented the bug and thought process in the issue mentioned. I've also changed the description in the commit to also mention the RFC and the issue:

As per RFC7314 the Expire Option in queries should be zero-length. In the current implementation the field is uint32 which always instatiates 4bytes for that field when packing to wire format.
For that reason we change the field to []uint8 so it can support 0-length and 4-byte
length option data.

…iekg#1292) As per [RFC7134](https://datatracker.ietf.org/doc/html/rfc7314#section-2) the Expire Option in queries should be zero-length. In the current implementation the field is uint32 which always instatiates 4bytes for that field when packing to wire format. For that reason we change the field to []uint8 so it can support 0-length and 4-byte length option data.

edns.go

dmavrommatis · 2021-09-15T14:38:58Z

@miekg thanks for the review; I've addressed the comments. Please take a look again!

edns.go

tmthrgd · 2021-10-28T09:58:56Z

(Apologies for the absence on GitHub).

RFC 7314 says "This is done by adding a zero-length EDNS EXPIRE option to the options field of the OPT record when the query is made." so a zero length option is valid and something we should be handling. There's nothing in the RFC to say that the 32-bit value zero is reserved so we have to persist this somehow.

This PR isn't backward compatible though so we shouldn't merge as-is. What we could do is hang a flag off EDNS0_EXPIRE and use that while keeping everything else the same. Perhaps Empty or ZeroLength or whatever.

dmavrommatis · 2021-10-28T22:57:18Z

(Apologies for the absence on GitHub).

RFC 7314 says "This is done by adding a zero-length EDNS EXPIRE option to the options field of the OPT record when the query is made." so a zero length option is valid and something we should be handling. There's nothing in the RFC to say that the 32-bit value zero is reserved so we have to persist this somehow.

This PR isn't backward compatible though so we shouldn't merge as-is. What we could do is hang a flag off EDNS0_EXPIRE and use that while keeping everything else the same. Perhaps Empty or ZeroLength or whatever.

Can you elaborate for the backwards compatibility issue?
These functions are for packing and unpacking a message to bytes and the other way around. How will introducing a flag going to provide anything? In the end we will either write 0 bytes or 4 bytes.

tmthrgd · 2021-10-30T01:55:15Z

Any code that operates on EDNS0_EXPIRE would be broken by this as the type of Expire will have changed. Consider code that did something like (nonsense example):

func adjustExpire(opt *EDNS0_EXPIRE) {
	if opt.Expire < 10 {
		opt.Expire = 10
	} else {
		opt.Expire++
	}
}

Even code that simply inspects or prints the value of Expire will break.

A flag allows us to track whether we're writing zero or four bytes and persist that from unpack to pack without (hopefully) breaking any existing code.

dmavrommatis · 2021-11-01T12:27:44Z

Any code that operates on EDNS0_EXPIRE would be broken by this as the type of Expire will have changed. Consider code that did something like (nonsense example):
func adjustExpire(opt *EDNS0_EXPIRE) {
	if opt.Expire < 10 {
		opt.Expire = 10
	} else {
		opt.Expire++
	}
}
Even code that simply inspects or prints the value of Expire will break.

A flag allows us to track whether we're writing zero or four bytes and persist that from unpack to pack without (hopefully) breaking any existing code.

oh gotcha, I will update the PR to avoid this issue

dmavrommatis · 2021-11-04T18:26:56Z

@tmthrgd found some time to make the change. please check to see if the implementation is sufficient.

dmavrommatis · 2022-03-03T10:52:20Z

hey @tmthrgd I think this PR is ready for merging!

edns.go

dmavrommatis · 2022-03-10T10:49:22Z

@tmthrgd @miekg can you check if the PR is complete now?

tmthrgd

LGTM. As long as we're happy with the String output.

…ekg#1292) (miekg#1293) * Change EDNS_EXPIRE field to support zero length option data (Resolves miekg#1292) As per [RFC7134](https://datatracker.ietf.org/doc/html/rfc7314#section-2) the Expire Option in queries should be zero-length. In the current implementation the field is uint32 which always instatiates 4bytes for that field when packing to wire format. For that reason we change the field to []uint8 so it can support 0-length and 4-byte length option data. * addressed comments * addressed comments * make change backwards compatible * add comment for Empty field

dmavrommatis requested review from miekg and tmthrgd as code owners September 4, 2021 13:59

dmavrommatis force-pushed the master branch from ede72fd to 3a613c4 Compare September 6, 2021 07:25

dmavrommatis force-pushed the master branch from 3a613c4 to 3d6a1d5 Compare September 13, 2021 10:45

dmavrommatis force-pushed the master branch from 3d6a1d5 to 8161c7d Compare September 13, 2021 10:45

miekg reviewed Sep 14, 2021

View reviewed changes