TRR: make the DNS packet decoder verify the qname in the answer section

RESOLVED FIXED in Firefox 62

Status

()

enhancement
P1
normal
RESOLVED FIXED
Last year
Last year

People

(Reporter: bagder, Assigned: bagder)

Tracking

unspecified
mozilla62
Points:
---

Firefox Tracking Flags

(firefox62 fixed)

Details

(Whiteboard: [necko-triaged][trr])

Attachments

(1 attachment)

Assignee

Description

Last year
... and if it gets a CNAME back, check if the address record for that CNAME is actually in fact already provided in the DNS packet that passed on the CNAME!
Comment hidden (mozreview-request)

Comment 2

Last year
mozreview-review
Comment on attachment 8974724 [details]
bug 1460327 - make the DNS packet decoder verify the answer qname

https://reviewboard.mozilla.org/r/243098/#review248916

please add a test where the response contains a mismatched name so we make sure not to use it
Attachment #8974724 - Flags: review?(mcmanus) → review+
Comment hidden (mozreview-request)
Assignee

Comment 4

Last year
I pushed an update with fixed tests (since the previous ones violated the qnames quite a bit) and two new tests to make sure this new logic works as intended to.

Feel free to give it a second look, or not. The try-run looks fine so I'm otherwise ready to land this.
Flags: needinfo?(mcmanus)
land it
Flags: needinfo?(mcmanus)

Comment 6

Last year
Pushed by daniel@haxx.se:
https://hg.mozilla.org/integration/autoland/rev/0f7100b128f2
make the DNS packet decoder verify the answer qname r=mcmanus

Comment 7

Last year
bugherder
https://hg.mozilla.org/mozilla-central/rev/0f7100b128f2
Status: NEW → RESOLVED
Closed: Last year
Resolution: --- → FIXED
Target Milestone: --- → mozilla62
You need to log in before you can comment on or make changes to this bug.