diff options
| author | Bob Halley <halley@dnspython.org> | 2012-08-28 13:58:33 -0700 |
|---|---|---|
| committer | Bob Halley <halley@dnspython.org> | 2012-08-28 13:58:33 -0700 |
| commit | 407c201f4cace8662318a7273995278b1423016b (patch) | |
| tree | c68c09f41d790496da5dba5c6bff5b791dcbd432 | |
| parent | f22e642b14e08d8b479813c61f31d1e042952035 (diff) | |
| download | dnspython-407c201f4cace8662318a7273995278b1423016b.tar.gz | |
Do not generate empty NSEC3 bitmap windows
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | dns/rdtypes/ANY/NSEC3.py | 6 | ||||
| -rw-r--r-- | tests/bugs.py | 5 |
3 files changed, 15 insertions, 2 deletions
@@ -1,3 +1,9 @@ +2012-08-28 Bob Halley <halley@dnspython.org> + + * dns/rdtypes/ANY/NSEC3.py (NSEC3.from_text): The NSEC3 from_text() + method could erroneously emit empty bitmap windows (i.e. windows + with a count of 0 bytes); such bitmaps are illegal. + 2012-04-10 Bob Halley <halley@dnspython.org> * dns/dnssec.py (_validate_rrsig): Fix python3 port issues with diff --git a/dns/rdtypes/ANY/NSEC3.py b/dns/rdtypes/ANY/NSEC3.py index df2dbff..76a2867 100644 --- a/dns/rdtypes/ANY/NSEC3.py +++ b/dns/rdtypes/ANY/NSEC3.py @@ -117,7 +117,8 @@ class NSEC3(dns.rdata.Rdata): prior_rdtype = nrdtype new_window = nrdtype // 256 if new_window != window: - windows.append((window, bytes(bitmap[0:octets]))) + if octets != 0: + windows.append((window, bytes(bitmap[0:octets]))) bitmap = bytearray(32) window = new_window offset = nrdtype % 256 @@ -125,7 +126,8 @@ class NSEC3(dns.rdata.Rdata): bit = offset % 8 octets = byte + 1 bitmap[byte] = bitmap[byte] | (0x80 >> bit) - windows.append((window, bytes(bitmap[0:octets]))) + if octets != 0: + windows.append((window, bytes(bitmap[0:octets]))) return cls(rdclass, rdtype, algorithm, flags, iterations, salt, next, windows) from_text = classmethod(from_text) diff --git a/tests/bugs.py b/tests/bugs.py index fb00844..dd18f31 100644 --- a/tests/bugs.py +++ b/tests/bugs.py @@ -40,5 +40,10 @@ class BugsTestCase(unittest.TestCase): ttl = dns.ttl.from_text("2147483648") self.assertRaises(dns.ttl.BadTTL, bad) + def test_empty_NSEC3_window(self): + rdata = dns.rdata.from_text(dns.rdataclass.IN, dns.rdatatype.NSEC3, + "1 0 100 ABCD SCBCQHKU35969L2A68P3AD59LHF30715") + self.assertTrue(rdata.windows == []) + if __name__ == '__main__': unittest.main() |