DNS parser fault

[GoogleCodeExporter]

Hello :)

I hack gopacket again and hit new bugs :)

Please take a look on this code https://play.golang.org/p/Bcb2ESD3SE

I got this errors:
PACKET: 80 bytes, wire length 80 cap length 80 @ 2014-10-14 13:00:05.04175 
+0400 MSK
- Layer 1 (14 bytes) = Ethernet {Contents=[..14..] Payload=[..66..] 
SrcMAC=00:0f:35:bb:0b:40 DstMAC=00:22:19:b6:7e:22 EthernetType=IPv4 Length=0}
- Layer 2 (20 bytes) = IPv4 {Contents=[..20..] Payload=[..46..] Version=4 IHL=5 
TOS=0 Length=66 Id=11235 Flags= FragOffset=0 TTL=53 Protocol=UDP Checksum=26611 
SrcIP=212.93.97.149 DstIP=95.211.92.15 Options=[] Padding=[]}
- Layer 3 (08 bytes) = UDP  {Contents=[..8..] Payload=[..38..] 
SrcPort=2294(konshus-lm) DstPort=53(domain) Length=46 Checksum=36534}
- Layer 4 (38 bytes) = DecodeFailure    Packet decoding error: runtime error: 
slice bounds out of range

After this. I disabled recover() function for detailed traceback and got it:
./dns_sniffer 
panic: runtime error: slice bounds out of range

goroutine 20 [running]:
runtime.panic(0x588a00, 0x931eaf)
    /usr/local/go/src/pkg/runtime/panic.c:279 +0xf5
code.google.com/p/gopacket/layers.decodeName(0xc20800420a, 0x27, 0x27, 0x1c, 
0xc209070168, 0x0, 0x0, 0x0, 0x608011970, 0x0, ...)
    /root/gocode/src/code.google.com/p/gopacket/layers/dns.go:363 +0x4f8
code.google.com/p/gopacket/layers.(*DNSResourceRecord).decode(0xc208044280, 
0xc20800420a, 0x27, 0x27, 0x1c, 0x7f8af23581a0, 0xc208003440, 0xc209070168, 
0x1c, 0x0, ...)
    /root/gocode/src/code.google.com/p/gopacket/layers/dns.go:427 +0x86
code.google.com/p/gopacket/layers.(*DNS).DecodeFromBytes(0xc2090700c0, 
0xc20800420a, 0x27, 0x27, 0x7f8af23581a0, 0xc208003440, 0x0, 0x0)
    /root/gocode/src/code.google.com/p/gopacket/layers/dns.go:267 +0xe5b
code.google.com/p/gopacket/layers.decodeDNS(0xc20800420a, 0x27, 0x27, 
0x7f8af2358138, 0xc208003440, 0x0, 0x0)
    /root/gocode/src/code.google.com/p/gopacket/layers/dns.go:193 +0xe4
code.google.com/p/gopacket.DecodeFunc.Decode(0x63e8f8, 0xc20800420a, 0x27, 
0x27, 0x7f8af2358138, 0xc208003440, 0x0, 0x0)
    /root/gocode/src/code.google.com/p/gopacket/decode.go:84 +0x6b
code.google.com/p/gopacket.LayerType.Decode(0x6b, 0xc20800420a, 0x27, 0x27, 
0x7f8af2358138, 0xc208003440, 0x0, 0x0)
    /root/gocode/src/code.google.com/p/gopacket/layertype.go:85 +0xef
code.google.com/p/gopacket.(*eagerPacket).NextDecoder(0xc208003440, 
0x7f8af23582e0, 0x6b, 0x0, 0x0)
    /root/gocode/src/code.google.com/p/gopacket/packet.go:347 +0x20c
code.google.com/p/gopacket/layers.decodeUDP(0xc208004202, 0x2f, 0x2f, 
0x7f8af2358138, 0xc208003440, 0x0, 0x0)
    /root/gocode/src/code.google.com/p/gopacket/layers/udp.go:104 +0x22b
code.google.com/p/gopacket.DecodeFunc.Decode(0x63ebb0, 0xc208004202, 0x2f, 
0x2f, 0x7f8af2358138, 0xc208003440, 0x0, 0x0)
    /root/gocode/src/code.google.com/p/gopacket/decode.go:84 +0x6b
code.google.com/p/gopacket.LayerType.Decode(0x2d, 0xc208004202, 0x2f, 0x2f, 
0x7f8af2358138, 0xc208003440, 0x0, 0x0)
    /root/gocode/src/code.google.com/p/gopacket/layertype.go:85 +0xef
code.google.com/p/gopacket.(*eagerPacket).NextDecoder(0xc208003440, 
0x7f8af23582e0, 0x2d, 0x0, 0x0)
    /root/gocode/src/code.google.com/p/gopacket/packet.go:347 +0x20c
code.google.com/p/gopacket/layers.decodeIPv4(0xc2080041ee, 0x43, 0x43, 
0x7f8af2358138, 0xc208003440, 0x0, 0x0)
    /root/gocode/src/code.google.com/p/gopacket/layers/ip4.go:212 +0x22b
code.google.com/p/gopacket.DecodeFunc.Decode(0x63eac8, 0xc2080041ee, 0x43, 
0x43, 0x7f8af2358138, 0xc208003440, 0x0, 0x0)
    /root/gocode/src/code.google.com/p/gopacket/decode.go:84 +0x6b
code.google.com/p/gopacket/layers.EthernetType.Decode(0x800, 0xc2080041ee, 
0x43, 0x43, 0x7f8af2358138, 0xc208003440, 0x0, 0x0)
    /root/gocode/src/code.google.com/p/gopacket/layers/enums.go:286 +0x9b
code.google.com/p/gopacket/layers.EthernetType.Decode·i(0x800, 0xc2080041ee, 
0x43, 0x43, 0x7f8af2358138, 0xc208003440, 0x0, 0x0)
    <autogenerated>:8 +0x78
code.google.com/p/gopacket.(*eagerPacket).NextDecoder(0xc208003440, 
0x7f8af2358240, 0x800, 0x0, 0x0)
    /root/gocode/src/code.google.com/p/gopacket/packet.go:347 +0x20c
code.google.com/p/gopacket/layers.decodeEthernet(0xc2080041e0, 0x51, 0x51, 
0x7f8af2358138, 0xc208003440, 0x0, 0x0)
    /root/gocode/src/code.google.com/p/gopacket/layers/ethernet.go:121 +0x21d
code.google.com/p/gopacket.DecodeFunc.Decode(0x63ea80, 0xc2080041e0, 0x51, 
0x51, 0x7f8af2358138, 0xc208003440, 0x0, 0x0)
    /root/gocode/src/code.google.com/p/gopacket/decode.go:84 +0x6b
code.google.com/p/gopacket/layers.LinkType.Decode(0x7f8af44e9001, 0xc2080041e0, 
0x51, 0x51, 0x7f8af2358138, 0xc208003440, 0x0, 0x0)
    /root/gocode/src/code.google.com/p/gopacket/layers/enums.go:316 +0x9b
code.google.com/p/gopacket/layers.LinkType.Decode·i(0x1, 0xc2080041e0, 0x51, 
0x51, 0x7f8af2358138, 0xc208003440, 0x0, 0x0)
    <autogenerated>:3 +0x77
code.google.com/p/gopacket.(*eagerPacket).initialDecode(0xc208003440, 
0x7f8af2358110, 0x1)
    /root/gocode/src/code.google.com/p/gopacket/packet.go:351 +0xb3
code.google.com/p/gopacket.NewPacket(0xc2080041e0, 0x51, 0x51, 0x7f8af2358110, 
0x1, 0x28470000, 0x0, 0x0)
    /root/gocode/src/code.google.com/p/gopacket/packet.go:566 +0x2bc
code.google.com/p/gopacket.(*PacketSource).NextPacket(0xc209062450, 0x0, 0x0, 
0x0, 0x0)
    /root/gocode/src/code.google.com/p/gopacket/packet.go:664 +0x153
code.google.com/p/gopacket.(*PacketSource).packetsToChannel(0xc209062450)
    /root/gocode/src/code.google.com/p/gopacket/packet.go:677 +0x4c
created by code.google.com/p/gopacket.(*PacketSource).Packets
    /root/gocode/src/code.google.com/p/gopacket/packet.go:700 +0x5f

goroutine 16 [runnable]:
main.main()
    /root/gocode/dns_sniffer.go:14 +0x260

goroutine 19 [finalizer wait]:
runtime.park(0x4156f0, 0x9414b8, 0x934149)
    /usr/local/go/src/pkg/runtime/proc.c:1369 +0x89
runtime.parkunlock(0x9414b8, 0x934149)
    /usr/local/go/src/pkg/runtime/proc.c:1385 +0x3b
runfinq()
    /usr/local/go/src/pkg/runtime/mgc0.c:2644 +0xcf
runtime.goexit()
    /usr/local/go/src/pkg/runtime/proc.c:1445

goroutine 17 [syscall]:
runtime.goexit()
    /usr/local/go/src/pkg/runtime/proc.c:1445

Original issue reported on code.google.com by pavel.odintsov on 14 Oct 2014 at 9:28

[GoogleCodeExporter]

Hey, pavel,

Thanks for the heads-up!  Is there any chance you could dump the particular 
packet's bytes out and add them to this bug, so we can create a repeatable test 
case?

  --Graeme

Original comment by gconnell@google.com on 14 Oct 2014 at 2:58

[GoogleCodeExporter]

Hello, Graeme!

I reproduced this bug with pcap dump :) You can find code here: 
https://play.golang.org/p/0gPwZ4HlGQ and I emailed pcap dump to you.

Original comment by pavel.odintsov on 14 Oct 2014 at 5:19

[GoogleCodeExporter]

Got test cases out of band, confirmed bug.

Original comment by gconnell@google.com on 14 Oct 2014 at 5:54

• Changed state: Accepted

[GoogleCodeExporter]

https://code.google.com/p/gopacket/source/detail?r=bf7427225139b1c1a672cdfc056ba
9acd78ffe8d hopefully fixes this... I'm not seeing any more DNS failures for 
the pcap you sent out.

Original comment by gconnell@google.com on 16 Oct 2014 at 3:47

• Changed state: Fixed

[GoogleCodeExporter]

Thank you so so so much! :) I realized my tool for monitoring heavy loaded DNS 
servers and everything works perfectly now: 
https://gist.github.com/pavel-odintsov/ee3dd63d21a516d37480

Original comment by pavel.odintsov on 17 Oct 2014 at 10:29