dnsimple / dns_erlang / 20919051518
84%

Build:
DEFAULT BRANCH: main
Ran 12 Jan 2026 12:17PM UTC
Jobs 1
Files 10
Run time 1min
12 Jan 2026 12:17PM UTC coverage: 83.851% (+0.2%) from 83.636%
Build 20919051518 · push · github · web-flow
Introduce a strict decode_query helper for a server (#101)

TL;DR: just adding a more defensive parsing mechanism, like other name servers do (bind, pdns, etc). Might be good for a DNS expert to double-check the assumptions on this one :)

## Overview

This PR implements `dns:decode_query/1`, a new function that performs strict header validation for
DNS queries to prevent DoS attacks. The function validates query messages before parsing the full
payload, rejecting malformed queries that could cause wasteful CPU and memory allocations.

## Problem Statement

The existing `dns:decode_message/1` function parses the entire binary payload regardless of DNS
header contents. This exposes authoritative DNS servers (like erldns) to DoS attacks where attackers
send queries with massive Answer or Authority sections, causing unnecessary memory allocation before
the message is determined to be invalid.

## Solution

The new `decode_query/1` function performs a "header guard" check that validates the DNS header
before decoding the rest of the message. This allows early rejection of malformed queries without
allocating memory for potentially large sections.

## Implementation Details

### Header Validation Rules

**QR Bit Check**:
- **QR**: Must be 0 (query). If QR=1, the message is a response and is rejected with FORMERR.
  This function is specifically for queries, so responses should use `decode_message/1` instead.
  RFC 1035: QR=0 indicates a query, QR=1 indicates a response.

**TC Bit Check**:
- **TC**: Must be 0 (not truncated). If TC=1, the query is rejected with FORMERR.
  RFC 1035: TC bit indicates truncation due to message size limits. Truncation is a response
  mechanism (responses too large for UDP are truncated). A query with TC=1 is a protocol
  violation and could indicate a malformed message or attack attempt.

For **Standard Query (Opcode 0)**:
- **QDCount**: Must be exactly 1 question
- **ANCount**: Must be 0 (queries should not have answers)
- ... (continued)
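The header guard the commit message describes, written out as an added Python example that is not the dns_erlang project's code (the project is Erlang) and is not part of the original page. It reads only the fixed 12-byte header, applies the rules the message states (QR=0, TC=0, and for opcode 0 exactly one question and no answers), and only then parses the single question. The sample packets are constructed for this example; rejecting compression pointers inside the question is this example's own strictness choice rather than a rule the commit states, and checks for opcodes other than 0 are omitted because that part of the commit text is truncated above.

```python
import struct

HEADER_LEN = 12  # RFC 1035 section 4.1.1: the header is always 12 bytes


def build_header(ident, qr, opcode, tc, qdcount, ancount, nscount=0, arcount=0):
    """Pack a DNS header. Used here only to construct test input."""
    flags = (qr << 15) | (opcode << 11) | (tc << 9)
    return struct.pack("!HHHHHH", ident, flags, qdcount, ancount, nscount, arcount)


def encode_name(name):
    """Wire-encode a domain name as length-prefixed labels (test input helper)."""
    out = b"".join(bytes([len(label)]) + label.encode("ascii") for label in name.split("."))
    return out + b"\x00"


def header_guard(packet):
    """Decide from the fixed header alone whether the body is worth decoding.

    Returns (header_fields, None) when the message passes, or (None, reason)
    when it should be answered with FORMERR. Nothing past byte 12 is touched,
    so a query advertising a huge answer section costs nothing to reject.
    """
    if len(packet) < HEADER_LEN:
        return None, "message shorter than the DNS header"
    ident, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", packet[:HEADER_LEN])
    qr = (flags >> 15) & 1
    opcode = (flags >> 11) & 0xF
    tc = (flags >> 9) & 1
    if qr != 0:
        return None, "QR=1: this is a response, not a query"
    if tc != 0:
        return None, "TC=1: truncation is not valid on a query"
    if opcode == 0:  # standard query rules stated in the commit message
        if qd != 1:
            return None, f"QDCOUNT={qd}: a standard query carries exactly one question"
        if an != 0:
            return None, f"ANCOUNT={an}: a standard query carries no answers"
    fields = {"id": ident, "opcode": opcode, "qdcount": qd,
              "ancount": an, "nscount": ns, "arcount": ar}
    return fields, None


def parse_name(packet, offset):
    """Parse an uncompressed name starting at offset; (name, next_offset) or (None, offset)."""
    labels = []
    while True:
        if offset >= len(packet):
            return None, offset
        length = packet[offset]
        offset += 1
        if length == 0:
            break
        if length & 0xC0:  # compression pointer / reserved bits: refused by this strict parser
            return None, offset
        if offset + length > len(packet):
            return None, offset
        labels.append(packet[offset:offset + length].decode("ascii", "replace"))
        offset += length
    return ".".join(labels), offset


def decode_query(packet):
    """Strict query decoder: header guard first, question section second."""
    header, reason = header_guard(packet)
    if header is None:
        return {"rcode": "FORMERR", "reason": reason}
    qname, offset = parse_name(packet, HEADER_LEN)
    if qname is None:
        return {"rcode": "FORMERR", "reason": "malformed question name"}
    if offset + 4 > len(packet):
        return {"rcode": "FORMERR", "reason": "question missing QTYPE/QCLASS"}
    qtype, qclass = struct.unpack("!HH", packet[offset:offset + 4])
    return {"rcode": "NOERROR", "id": header["id"], "qname": qname,
            "qtype": qtype, "qclass": qclass}


# Constructed sample packets (not captured traffic).
QUESTION = encode_name("example.com") + struct.pack("!HH", 1, 1)  # A, IN
GOOD_QUERY = build_header(0x1234, 0, 0, 0, 1, 0) + QUESTION
# A query that claims 65535 answer records and drags a large body behind it:
# the guard rejects it from the header, so the body is never parsed.
PADDED_QUERY = build_header(0x1234, 0, 0, 0, 1, 65535) + QUESTION + b"\x00" * 4000
RESPONSE_AS_QUERY = build_header(0x1234, 1, 0, 0, 1, 0) + QUESTION
TRUNCATED_QUERY = build_header(0x1234, 0, 0, 1, 1, 0) + QUESTION

if __name__ == "__main__":
    for label, pkt in [("good", GOOD_QUERY), ("padded", PADDED_QUERY),
                       ("response", RESPONSE_AS_QUERY), ("truncated", TRUNCATED_QUERY)]:
        print(label, decode_query(pkt))
```

The ordering is the whole point: `header_guard` is a pure function of the first 12 bytes, so the cost of rejecting a hostile message is constant regardless of how much data follows the header, which is the allocation the commit message wants to avoid.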

59 of 70 new or added lines in 3 files covered. (84.29%)

14 existing lines in 3 files now uncovered.

2778 of 3313 relevant lines covered (83.85%)

2478.71 hits per line

New Missed Lines in Diff

Lines  Coverage  ∆       File
11     92.13     -0.85%  src/dns_decode.erl

Uncovered Existing Lines

Lines  Coverage  ∆       File
1      98.63     +0.24%  src/dns_names.erl
6      92.13     -0.85%  src/dns_decode.erl
7      89.92     -0.91%  src/dns.erl
Jobs

ID  Job ID         Ran                      Files  Coverage
1   20919051518.1  12 Jan 2026 12:17PM UTC  10     83.85    (GitHub Action Run)
Source files on build 20919051518: 10 files, 3 changed (3 with source changes, 3 with coverage changes)

Commit 480f5d89 on github · Prev build on main: #20917368354 · Next build on main: #20919346144