search

getdnsapi / getdns

A modern asynchronous DNS API https://getdnsapi.net/
Other
461 stars 127 forks source link

Invalid JSON format #542

Open stanley101music opened 10 months ago

stanley101music commented 10 months ago

Cloudflare is using "Black Lies". For an NXDOMAIN, they always return \000.(the missing name) as the next name. Thus the \0 will cause the invalid escape in JSON format

For example, the result of querying cloudflare.com @1.1.1.1 CNAME

{
  "answer_ipv4_address":"1.1.1.1",
  "answer_type": 800,
  "canonical_name":"cloudflare.com.",
  "replies_full":
  [
    [152,147,129,144,0,1,0,0,0,4,0,1,10,99,108,111,117,100,102,108,97,114,101,3,99,111,109,0,0,5,0,1,192,12,0,6,0,1,0,0,0,107,0,32,3,110,115,51,192,12,3,100,110,115,192,12,138,130,153,176,0,0,39,16,0,0,9,96,0,9,58,128,0,0,1,44,192,12,0,46,0,1,0,0,0,107,0,98,0,6,13,2,0,0,1,44,101,60,182,191,101,57,247,159,134,201,10,99,108,111,117,100,102,108,97,114,101,3,99,111,109,0,183,234,115,136,64,163,165,26,8,194,55,69,253,4,113,81,5,71,142,63,84,90,142,18,78,198,80,28,41,122,100,182,31,121,94,119,47,196,47,53,216,114,221,143,174,123,74,62,104,106,166,176,44,237,208,0,158,222,144,87,170,22,72,157,192,12,0,47,0,1,0,0,0,107,0,32,1,0,10,99,108,111,117,100,102,108,97,114,101,3,99,111,109,0,0,9,98,5,128,12,84,11,141,28,192,1,1,192,192,12,0,46,0,1,0,0,0,107,0,98,0,47,13,2,0,0,1,44,101,60,182,191,101,57,247,159,134,201,10,99,108,111,117,100,102,108,97,114,101,3,99,111,109,0,1,3,226,52,83,96,21,14,6,7,218,209,197,176,162,32,32,237,132,135,21,213,195,99,22,174,55,248,74,168,34,34,133,248,193,174,67,35,145,124,183,55,114,253,37,243,181,216,221,93,191,176,184,78,127,154,20,131,215,247,44,94,103,41,0,0,41,4,208,0,0,128,0,0,0]
  ],
  "replies_tree":
  [
    {
      "additional":
      [
        {
          "do": 1,
          "extended_rcode": 0,
          "rdata":
          {
            "rdata_raw":[]
          },
          "type": 41,
          "udp_payload_size": 1232,
          "version": 0,
          "z": 0
        }
      ],
      "answer": [],
      "answer_ipv4_address":"1.1.1.1",
      "answer_type": 800,
      "authority":
      [
        {
          "class": 1,
          "name":"cloudflare.com.",
          "rdata":
          {
            "expire": 604800,
            "minimum": 300,
            "mname":"ns3.cloudflare.com.",
            "rdata_raw":[3,110,115,51,192,12,3,100,110,115,192,12,138,130,153,176,0,0,39,16,0,0,9,96,0,9,58,128,0,0,1,44],
            "refresh": 10000,
            "retry": 2400,
            "rname":"dns.cloudflare.com.",
            "serial": -1971152464
          },
          "ttl": 107,
          "type": 6
        },
        {
          "class": 1,
          "name":"cloudflare.com.",
          "rdata":
          {
            "algorithm": 13,
            "key_tag": 34505,
            "labels": 2,
            "original_ttl": 300,
            "rdata_raw":[0,6,13,2,0,0,1,44,101,60,182,191,101,57,247,159,134,201,10,99,108,111,117,100,102,108,97,114,101,3,99,111,109,0,183,234,115,136,64,163,165,26,8,194,55,69,253,4,113,81,5,71,142,63,84,90,142,18,78,198,80,28,41,122,100,182,31,121,94,119,47,196,47,53,216,114,221,143,174,123,74,62,104,106,166,176,44,237,208,0,158,222,144,87,170,22,72,157],
            "signature":[183,234,115,136,64,163,165,26,8,194,55,69,253,4,113,81,5,71,142,63,84,90,142,18,78,198,80,28,41,122,100,182,31,121,94,119,47,196,47,53,216,114,221,143,174,123,74,62,104,106,166,176,44,237,208,0,158,222,144,87,170,22,72,157],
            "signature_expiration": 1698477759,
            "signature_inception": 1698297759,
            "signers_name":"cloudflare.com.",
            "type_covered": 6
          },
          "ttl": 107,
          "type": 46
        },
        {
          "class": 1,
          "name":"cloudflare.com.",
          "rdata":
          {
            "next_domain_name":"\000.cloudflare.com.",
            "rdata_raw":[1,0,10,99,108,111,117,100,102,108,97,114,101,3,99,111,109,0,0,9,98,5,128,12,84,11,141,28,192,1,1,192],
            "type_bit_maps":[0,9,98,5,128,12,84,11,141,28,192,1,1,192]
          },
          "ttl": 107,
          "type": 47
        },
        {
          "class": 1,
          "name":"cloudflare.com.",
          "rdata":
          {
            "algorithm": 13,
            "key_tag": 34505,
            "labels": 2,
            "original_ttl": 300,
            "rdata_raw":[0,47,13,2,0,0,1,44,101,60,182,191,101,57,247,159,134,201,10,99,108,111,117,100,102,108,97,114,101,3,99,111,109,0,1,3,226,52,83,96,21,14,6,7,218,209,197,176,162,32,32,237,132,135,21,213,195,99,22,174,55,248,74,168,34,34,133,248,193,174,67,35,145,124,183,55,114,253,37,243,181,216,221,93,191,176,184,78,127,154,20,131,215,247,44,94,103,41],
            "signature":[1,3,226,52,83,96,21,14,6,7,218,209,197,176,162,32,32,237,132,135,21,213,195,99,22,174,55,248,74,168,34,34,133,248,193,174,67,35,145,124,183,55,114,253,37,243,181,216,221,93,191,176,184,78,127,154,20,131,215,247,44,94,103,41],
            "signature_expiration": 1698477759,
            "signature_inception": 1698297759,
            "signers_name":"cloudflare.com.",
            "type_covered": 47
          },
          "ttl": 107,
          "type": 46
        }
      ],
      "canonical_name":"cloudflare.com.",
      "dnssec_status": 401,
      "header":
      {
        "aa": 0,
        "ad": 0,
        "ancount": 0,
        "arcount": 1,
        "cd": 1,
        "extended_rcode": 0,
        "id": 39059,
        "nscount": 4,
        "opcode": 0,
        "qdcount": 1,
        "qr": 1,
        "ra": 1,
        "rcode": 0,
        "rd": 1,
        "tc": 0,
        "z": 0
      },
      "question":
      {
        "qclass": 1,
        "qname":"cloudflare.com.",
        "qtype": 5
      }
    }
  ],
  "status": 902
}

"next_domain_name":"\000.cloudflare.com." Although the answer part is empty, the authority part will contain the response of NSEC, and cause the invalid escape due to \0 It's just an example of known invalid escape, there might be other possible responses that cause the same issue.