>From 4b5570f57e0784611225968d47cfbe7babe02da4 Mon Sep 17 00:00:00 2001 From: Rich Felker Date: Thu, 22 Sep 2022 19:11:48 -0400 Subject: [PATCH 4/5] getaddrinfo dns lookup: use larger answer buffer to handle long CNAMEs the size of 512 is not sufficient to get at least one address in the worst case where the name is at or near max length and resolves to a CNAME at or near max length. prior to tcp fallback, there was nothing we could do about this case anyway, but now it's fixable. the new limit 768 is chosen so as to admit roughly the number of addresses with a worst-case CNAME as could fit for a worst-case name that's not a CNAME in the old 512-byte limit. outside of this worst-case, the number of addresses that might be obtained is increased. MAXADDRS (48) was originally chosen as an upper bound on the combined number of A and AAAA records that could fit in 512-byte packets (31 and 17, respectively). it is not increased at this time. so as to prevent a situation where the A records consume almost all of these slots (at 768 bytes, a "best-case" name can fit almost 47 A records), the order of parsing is swapped to process AAAA first. this ensures roughly half of the slots are available to each address family. --- src/network/lookup_name.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/network/lookup_name.c b/src/network/lookup_name.c index 37d481f9..3eda65a7 100644 --- a/src/network/lookup_name.c +++ b/src/network/lookup_name.c @@ -137,7 +137,7 @@ static int dns_parse_callback(void *c, int rr, const void *data, int len, const static int name_from_dns(struct address buf[static MAXADDRS], char canon[static 256], const char *name, int family, const struct resolvconf *conf) { - unsigned char qbuf[2][280], abuf[2][512]; + unsigned char qbuf[2][280], abuf[2][768]; const unsigned char *qp[2] = { qbuf[0], qbuf[1] }; unsigned char *ap[2] = { abuf[0], abuf[1] }; int qlens[2], alens[2]; @@ -171,7 +171,7 @@ static int name_from_dns(struct address buf[static MAXADDRS], char canon[static if ((abuf[i][3] & 15) != 0) return EAI_FAIL; } - for (i=0; i=0; i--) __dns_parse(abuf[i], alens[i], dns_parse_callback, &ctx); if (ctx.cnt) return ctx.cnt; -- 2.21.0