On Wed, Oct 24, 2018 at 05:01:53AM -0400, Viktor Dukhovni wrote:
> And yet, here and there I see mention of having to take care to avoid "loops",
> but loops are impossible in a monotone strictly decreasing sequence.

Yes. This is one of the best ways of preventing such loops. Some libraries
accidentally allowed a jump to the same place though, if I recall correctly.

PowerDNS, for reasons I'm trying to find out, not only checks if a jump went
backwards but also refuses to go backwards more than 100 times. It may be
that someone made a packet that burned a lot of CPU time.

https://github.com/PowerDNS/pdns/commit/9114819cc4c5dad50ba92c8a9ab8d852811db365

> Is there a later RFC that relaxes the constraint and allows pointers to names
> later in the message?  I'm having a bit of trouble finding the later text...

Not that I know of. But it might accidentally work in some places, including
I think old (2.9 era) PowerDNS software. 

> Secondarily, can the pointer point to some odd-ball location earlier in the
> message that is not semantically a label in its original context, but just
> happens to carry data that decodes as the desired label?  Or, are pointers
> only valid to prior locations that are corresponding labels in their original
> context?

I'd say "don't do that". Someone really clever might one day find you can
point back to a location in the middle of a name that so happens to be
parseable as a whole name (remember, there is a length field there). 

It would likely work though in most implementations.

        Bert

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Reply via email to