[GH-ISSUE #2] Jump query issue #5

Closed
opened 2026-03-07 21:26:19 +03:00 by kerem · 0 comments
Owner

Originally created by @SUMUKHA-PK on GitHub (Feb 18, 2019).
Original GitHub issue: https://github.com/EmilHernvall/dnsguide/issues/2

```
if (len & 0xC0) == 0xC0 {
    // Update the buffer position to a point past the current
    // label. We don't need to touch it any further.
    if !jumped {
        try!(self.seek(pos+2));
    }
```

and

"" I mentioned earlier that each label is preceded by a single byte length. The additional thing we need to consider is that if the two Most Significant Bits of the length are set, we can instead expect the length byte to be followed by a second byte. These two bytes taken together, and removing the two MSB's, indicate the jump position. In the example above, we've got 0xC00C. The bit pattern of the two high bits expressed as hex is 0xC000 (in binary 11000000 00000000), so we can find the jump position by xoring our two bytes with this mask to unset them: 0xC00C ^ 0xC000 = 12. Thus we should jump to byte 12 of the packet and read from there. Recalling that the length of the DNS header happens to be 12 bytes, we realize that it's instructing us to start reading from where the question part of the packet begins, which makes sense since the question starts with the query domain which in this case is "google.com". ""

Shouldn't we jump by the number indicated after the set flag? Why are we jumping from `pos` to `pos+2`?

kerem closed this issue 2026-03-07 21:26:19 +03:00
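The two positions the question contrasts, as an added example that is not part of the issue or of dnsguide's own code: the read position jumps to the offset encoded in the pointer, while the position the caller resumes from moves two bytes past the pointer itself. The names `read_qname`, `MAX_JUMPS` and `sample_packet` and the jump limit of 5 are assumptions made for this sketch, and the packet bytes are constructed.

```rust
// Added example, not code from dnsguide. MAX_JUMPS is an assumed limit.
const MAX_JUMPS: usize = 5;

/// Decode a name at `start`; return it with the offset where the caller resumes.
fn read_qname(packet: &[u8], start: usize) -> Result<(String, usize), String> {
    let mut pos = start; // where labels are currently being read
    let mut resume = None; // set once, at the first pointer
    let mut jumps = 0;
    let mut labels: Vec<String> = Vec::new();
    loop {
        let len = *packet.get(pos).ok_or("read past end of packet")?;
        if len & 0xC0 == 0xC0 {
            let lo = *packet.get(pos + 1).ok_or("truncated pointer")?;
            // The pointer is two bytes long, so the enclosing record continues
            // at pos + 2. Pointers met after the first jump do not change that.
            resume = resume.or(Some(pos + 2));
            jumps += 1;
            if jumps > MAX_JUMPS {
                return Err(format!("more than {} jumps, possible loop", MAX_JUMPS));
            }
            // Clear the two flag bits: 0xC00C ^ 0xC000 = 12, an absolute offset.
            pos = ((((len as u16) << 8) | lo as u16) ^ 0xC000) as usize;
            continue;
        }
        pos += 1;
        if len == 0 {
            break;
        }
        let label = packet.get(pos..pos + len as usize).ok_or("label past end")?;
        labels.push(String::from_utf8_lossy(label).into_owned());
        pos += len as usize;
    }
    Ok((labels.join("."), resume.unwrap_or(pos)))
}

/// Constructed packet: zeroed 12-byte header, question "google.com" at offset 12,
/// QTYPE/QCLASS, then an answer whose name is the pointer 0xC00C at offset 28.
fn sample_packet() -> Vec<u8> {
    let mut p = vec![0u8; 12];
    p.extend_from_slice(b"\x06google\x03com\x00\x00\x01\x00\x01\xC0\x0C\x00\x01");
    p
}

fn main() {
    let p = sample_packet();
    println!("{:?}", read_qname(&p, 12)); // name read in place
    println!("{:?}", read_qname(&p, 28)); // name read through the pointer
}
```

The jump counter matters for untrusted input: a pointer that targets itself or an earlier pointer would otherwise keep the parser looping forever.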