authorLuca Deri <deri@ntop.org>2023-09-09 17:46:13 +0200
committerLuca Deri <deri@ntop.org>2023-09-09 17:46:13 +0200
commitf50a4d7e85c656f18a900f7cb930da45f5ed6df4 (patch)
treeb65671cf9e802a68885e675c9a4dfec4b80a9b87 /src/lib
parent1a797d7b74b9845f9e60bd89a3044425003d1a2b (diff)
Improved detection of invalid chars in DNS names
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/ndpi_utils.c2
-rw-r--r--src/lib/protocols/dns.c11
2 files changed, 10 insertions, 3 deletions
diff --git a/src/lib/ndpi_utils.c b/src/lib/ndpi_utils.c
index c0e9fa446..3bf819025 100644
--- a/src/lib/ndpi_utils.c
+++ b/src/lib/ndpi_utils.c
@@ -2012,7 +2012,7 @@ const char* ndpi_risk2str(ndpi_risk_enum risk) {
return("Fragmented DNS Message");
case NDPI_INVALID_CHARACTERS:
- return("Text With Non-Printable Chars");
+ return("Non-Printable/Invalid Chars Detected");
case NDPI_POSSIBLE_EXPLOIT:
return("Possible Exploit");
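Review bot: The display text for NDPI_INVALID_CHARACTERS changes at this case with nothing telling consumers that the string is not a stable identifier. If any exporter, test fixture or downstream detection rule matches on "Text With Non-Printable Chars" rather than on the risk id, it will silently stop matching after this commit. A changelog entry plus a comment above the case, such as `/* label text may change; consumers should match on the risk id */`, would make that explicit. ndpi_risk2str starts and ends outside the hunk.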
diff --git a/src/lib/protocols/dns.c b/src/lib/protocols/dns.c
index 5fc71a67a..3509e604d 100644
--- a/src/lib/protocols/dns.c
+++ b/src/lib/protocols/dns.c
@@ -175,7 +175,11 @@ static u_int getNameLength(u_int i, const u_int8_t *payload, u_int payloadLen) {
}
}
/*
- allowed chars for dns names A-Z 0-9 _ -
+ See
+ - RFC 1035
+ - https://learn.microsoft.com/en-us/troubleshoot/windows-server/identity/naming-conventions-for-computer-domain-site-ou
+
+ Allowed chars for dns names A-Z 0-9 _ -
Perl script for generation map:
my @M;
for(my $ch=0; $ch < 256; $ch++) {
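Review bot: The rewritten comment cites RFC 1035 but the set it lists still includes `_`, which is outside that RFC's preferred letters-digits-hyphen syntax, so a reader checking the table against the reference will find a mismatch. The comment should state that the underscore is accepted on purpose, for example `Allowed chars for dns names: A-Z 0-9 - (RFC 1035) plus _ (accepted in addition, see link above)`. If the bitmap also accepts a-z, which the `tolower(c)` at the call site suggests, listing it would keep the comment in step with the table. The comment block and the Perl generator continue outside the hunk.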
@@ -246,8 +250,11 @@ static u_int8_t ndpi_grab_dns_name(struct ndpi_packet_struct *packet,
if((dns_validchar[c >> 5] & shift)) {
_hostname[j++] = tolower(c);
} else {
+ /* printf("---?? '%c'\n", c); */
+
+ hostname_is_valid = 0;
+
if (isprint(c) == 0) {
- hostname_is_valid = 0;
_hostname[j++] = '?';
} else {
_hostname[j++] = '_';
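Review bot: The commented-out `/* printf("---?? '%c'\n", c); */` in the else branch is leftover debug code and should go; a short comment stating the new rule, e.g. `/* any byte rejected by dns_validchar invalidates the name, printable or not */`, would serve better there. Since hostname_is_valid is now cleared for printable bytes too, names that legitimately carry such bytes (for example service-instance labels with spaces, if this function also parses mDNS) would presumably start raising the invalid-characters risk, so the change is worth checking against benign captures. `c` reaches isprint() and tolower() and its declaration is outside the hunk; if it is a plain `char`, it needs a cast to `unsigned char` because the bytes come from the packet. ndpi_grab_dns_name starts and ends outside the hunk.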