New release 0.3.4

This commit is contained in:
Erik Ekman 2006-11-08 21:45:28 +00:00
parent 68e2e147a9
commit 8455d69433
5 changed files with 46 additions and 14 deletions

View file

@ -7,7 +7,10 @@ iodine - IP over DNS is now easy
CHANGES:
2006-xx-xx: 0.3.4
2006-11-08: 0.3.4
- Fixed handshake() buffer overflow
(Found by poplix, Secunia: SA22674 / FrSIRT/ADV-2006-4333)
- Added more tests
- More name parsing enhancements
- Now runs on Linux/AMD64
- Added setting to change server port

6
dns.c
View file

@ -67,7 +67,7 @@ open_dns(const char *domain, int localport, in_addr_t listen_ip)
int flag;
struct sockaddr_in addr;
bzero(&addr, sizeof(addr));
memset(&addr, 0, sizeof(addr));
addr.sin_family = AF_INET;
addr.sin_port = htons(localport);
/* listen_ip already in network byte order from inet_addr, or 0 */
@ -111,7 +111,7 @@ dns_settarget(const char *host)
return -1;
}
bzero(&peer, sizeof(peer));
memset(&peer, 0, sizeof(peer));
peer.sin_family = AF_INET;
peer.sin_port = htons(53);
peer.sin_addr = *((struct in_addr *) h->h_addr);
@ -236,7 +236,7 @@ dns_write(int fd, int id, char *buf, int len, char flag)
char *d;
avail = 0xFF - strlen(topdomain) - 2;
bzero(data, sizeof(data));
memset(data, 0, sizeof(data));
d = data;
written = encode_data(buf, len, avail, d, flag);
encoded = strlen(data);

View file

@ -127,6 +127,7 @@ encode_data(char *buf, int len, int space, char *dest, char flag)
chunks = write / RAW_CHUNK;
leftovers = write % RAW_CHUNK;
// flag is special character to be placed first in the encoded data
if (flag != 0) {
*dest = flag;
} else {
@ -135,7 +136,7 @@ encode_data(char *buf, int len, int space, char *dest, char flag)
}
dest++;
bzero(encoded, sizeof(encoded));
memset(encoded, 0, sizeof(encoded));
ep = encoded;
dp = buf;
for (i = 0; i < chunks; i++) {
@ -144,7 +145,7 @@ encode_data(char *buf, int len, int space, char *dest, char flag)
dp += RAW_CHUNK;
}
realwrite = ENC_CHUNK * chunks;
bzero(padding, sizeof(padding));
memset(padding, 0, sizeof(padding));
pp = padding;
if (leftovers) {
pp += RAW_CHUNK - leftovers;
@ -187,7 +188,7 @@ decode_data(char *dest, int size, const char *src, char *srcend)
dest++;
src++;
bzero(encoded, sizeof(encoded));
memset(encoded, 0, sizeof(encoded));
ep = encoded;
while(len < size && src < srcend) {
if(*src == '.') {

40
test.c
View file

@ -29,6 +29,7 @@
#include <assert.h>
#include "structs.h"
#include "encoding.h"
#include "dns.h"
#include "read.h"
@ -144,31 +145,31 @@ test_readname()
printf(" * Testing readname... ");
fflush(stdout);
bzero(buf, sizeof(buf));
memset(buf, 0, sizeof(buf));
data = emptyloop + sizeof(HEADER);
buf[1023] = 'A';
rv = readname(emptyloop, sizeof(emptyloop), &data, buf, 1023);
assert(buf[1023] == 'A');
bzero(buf, sizeof(buf));
memset(buf, 0, sizeof(buf));
data = infloop + sizeof(HEADER);
buf[4] = '\a';
rv = readname(infloop, sizeof(infloop), &data, buf, 4);
assert(buf[4] == '\a');
bzero(buf, sizeof(buf));
memset(buf, 0, sizeof(buf));
data = longname + sizeof(HEADER);
buf[256] = '\a';
rv = readname(longname, sizeof(longname), &data, buf, 256);
assert(buf[256] == '\a');
bzero(buf, sizeof(buf));
memset(buf, 0, sizeof(buf));
data = onejump + sizeof(HEADER);
rv = readname(onejump, sizeof(onejump), &data, buf, 256);
assert(rv == 9);
// These two tests use malloc to cause segfault if jump is executed
bzero(buf, sizeof(buf));
memset(buf, 0, sizeof(buf));
jumper = malloc(sizeof(badjump));
if (jumper) {
memcpy(jumper, badjump, sizeof(badjump));
@ -178,13 +179,14 @@ test_readname()
}
free(jumper);
bzero(buf, sizeof(buf));
memset(buf, 0, sizeof(buf));
jumper = malloc(sizeof(badjump2));
if (jumper) {
memcpy(jumper, badjump2, sizeof(badjump2));
data = jumper + sizeof(HEADER);
rv = readname(jumper, sizeof(badjump2), &data, buf, 256);
assert(rv == 4);
assert(strcmp("BA.", buf) == 0);
}
free(jumper);
@ -219,6 +221,31 @@ test_encode_hostname() {
printf("OK\n");
}
static void
test_base32() {
char temp[256];
char *start = "HELLOTEST";
char *out = "1HELLOTEST";
char *end;
char *tempend;
int codedlength;
printf(" * Testing base32 encoding... ");
fflush(stdout);
memset(temp, 0, sizeof(temp));
end = malloc(16);
memset(end, 0, 16);
codedlength = encode_data(start, 9, 256, temp, 0);
tempend = temp + strlen(temp);
decode_data(end, 16, temp, tempend);
assert(strcmp(out, end) == 0);
free(end);
printf("OK\n");
}
int
main()
{
@ -228,6 +255,7 @@ main()
test_readputlong();
test_readname();
test_encode_hostname();
test_base32();
printf("** All went well :)\n");
return 0;

2
tun.c
View file

@ -52,7 +52,7 @@ open_tun(const char *tun_device)
return -1;
}
bzero(&ifreq, sizeof(ifreq));
memset(&ifreq, 0, sizeof(ifreq));
ifreq.ifr_flags = IFF_TUN;