[PR #2872] [MERGED] Fuzzer for preservation of RDATA #3388

Closed
opened 2026-03-16 11:40:55 +03:00 by kerem · 0 comments
Owner

📋 Pull Request Information

Original PR: https://github.com/hickory-dns/hickory-dns/pull/2872
Author: @divergentdave
Created: 3/18/2025
Status: Merged
Merged: 3/22/2025
Merged by: @divergentdave

Base: main ← Head: david/preserve-rdata


📝 Commits (3)

  • ba9c923 Add fuzzer to check if RDATA is properly preserved
  • c116efa dns-test: Add support for CAA
  • f127010 Add test for CAA with "issue" tag and empty value

📊 Changes

4 files changed (+459 additions, -13 deletions)


📝 conformance/packages/conformance-tests/src/resolver/dns/rfc3597.rs (+61 -1)
📝 conformance/packages/dns-test/src/record.rs (+107 -1)
📝 fuzz/Cargo.toml (+6 -11)
fuzz/fuzz_targets/preserve_rdata.rs (+285 -0)

📄 Description

This adds a new fuzzer, and one test for a bug discovered by it, focused on the following requirement from RFC 3597 (https://datatracker.ietf.org/doc/html/rfc3597#section-3).

> To ensure the correct operation of equality comparison (section 6)
> and of the DNSSEC canonical form (section 7) when an RR type is known
> to some but not all of the servers involved, servers MUST also
> exactly preserve the RDATA of RRs of known type, except for changes
> due to compression or decompression where allowed by section 4 of
> this memo. In particular, the character case of domain names that
> are not subject to compression MUST be preserved.

The fuzzer parses its input as a `Message`, then re-encodes the message again. It does its own parsing of both byte strings to split them up into resource records. For well-known record types that are allowed to use compression in the RDATA, names are decompressed, and equivalent records are reassembled. In either case, the original and re-encoded record byte arrays are compared to check for equality. As noted above, if the data changes while round-tripping through Hickory DNS's internal representation, this can invalidate DNSSEC signatures over the data.

The new conformance test illustrates this impact, on `CAA 0 issue ""` being transformed into `CAA 0 issue ";"`. I implemented basic CAA record support in `dns-test` to enable this.


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.
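
The comparison step the description outlines, as an added example that is not part of the PR or of Hickory DNS: a std-only Rust sketch that splits two wire-format messages into resource records and reports any record whose RDATA differs. The helper names and the sample `example.` CAA message are constructed for illustration, and compressed names inside RDATA are assumed absent (true for CAA).

```rust
// Added example: std-only sketch of the RDATA comparison, not Hickory DNS code.
fn u16_at(msg: &[u8], pos: usize) -> Option<usize> {
    Some(u16::from_be_bytes([*msg.get(pos)?, *msg.get(pos + 1)?]) as usize)
}

/// Skip a (possibly compressed) name at `pos`; return the offset just past it.
fn skip_name(msg: &[u8], mut pos: usize) -> Option<usize> {
    loop {
        match *msg.get(pos)? as usize {
            0 => return Some(pos + 1),
            len if len & 0xC0 == 0xC0 => return Some(pos + 2), // compression pointer
            len if len & 0xC0 != 0 => return None,             // reserved label type
            len => pos += 1 + len,
        }
    }
}

/// (TYPE, RDATA) for every record in the answer, authority and additional sections.
fn records(msg: &[u8]) -> Option<Vec<(usize, Vec<u8>)>> {
    let count = u16_at(msg, 6)? + u16_at(msg, 8)? + u16_at(msg, 10)?;
    let mut pos = 12; // fixed header size
    for _ in 0..u16_at(msg, 4)? { pos = skip_name(msg, pos)? + 4; } // questions
    let mut out = Vec::new();
    for _ in 0..count {
        pos = skip_name(msg, pos)?; // owner name
        let rdlen = u16_at(msg, pos + 8)?; // after TYPE(2) CLASS(2) TTL(4)
        out.push((u16_at(msg, pos)?, msg.get(pos + 10..pos + 10 + rdlen)?.to_vec()));
        pos += 10 + rdlen;
    }
    Some(out)
}

/// Indices of records whose RDATA changed between the two encodings.
fn changed_rdata(original: &[u8], reencoded: &[u8]) -> Option<Vec<usize>> {
    let (a, b) = (records(original)?, records(reencoded)?);
    if a.len() != b.len() { return None; }
    Some((0..a.len()).filter(|&i| a[i] != b[i]).collect())
}

/// Constructed sample: a response with one CAA record, flags 0, tag "issue".
fn caa_message(value: &[u8]) -> Vec<u8> {
    let mut m = vec![0, 1, 0x80, 0, 0, 0, 0, 1, 0, 0, 0, 0]; // header, ANCOUNT = 1
    m.extend_from_slice(b"\x07example\x00\x01\x01\x00\x01\x00\x00\x00\x3c"); // name, CAA, IN, TTL 60
    m.extend_from_slice(&((7 + value.len()) as u16).to_be_bytes()); // RDLENGTH
    m.extend_from_slice(b"\x00\x05issue"); // flags, tag length, tag
    m.extend_from_slice(value);
    m
}

fn main() {
    println!("{:?}", changed_rdata(&caa_message(b""), &caa_message(b";")));
}
```

Here the second message stands in for the re-encoded output; in a real harness it would come from parsing the first message with the library under test and serializing it again.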
