Commit 2301452c authored by Alexandre's avatar Alexandre
Browse files

[DoT] Catch malformed DNS responses

parent cc36383d
......@@ -316,7 +316,7 @@ class RequestDoT(Request):
return self.ok
def store_response(self, rcode, response, size):
self.rcode = True
self.rcode = rcode
self.response = response
self.response_size = size
......@@ -519,6 +519,7 @@ class ConnectionDoT(Connection):
self.session.send(length.to_bytes(2, byteorder='big') + data)
def receive_data(self, dump=False):
ok = True
try:
buf = self.session.recv(2)
except OpenSSL.SSL.WantReadError:
......@@ -527,8 +528,14 @@ class ConnectionDoT(Connection):
buf = self.session.recv(size)
if dump:
dump_data(buf, 'data recv')
response = dns.message.from_wire(buf)
return (True, response, size)
try:
response = dns.message.from_wire(buf)
except dns.exception.FormError:
response = 'Received DNS message is malformed'
ok = False
if self.verbose and not dump:
dump_data(buf, 'data recv')
return (ok, response, size)
def send_and_receive(self, request, dump=False):
self.send_data(request.data, dump=dump)
......@@ -536,9 +543,9 @@ class ConnectionDoT(Connection):
request.store_response(rcode, response, size)
def do_test(self, request, synchronous=True):
self.send_data(request.data)
self.send_data(request.data, dump=self.debug)
if synchronous:
rcode, response, size = self.receive_data()
rcode, response, size = self.receive_data(dump=self.debug)
request.store_response(rcode, response, size)
request.check_response(self.debug)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment