On Wed, Oct 24, 2018 at 05:01:53AM -0400, Viktor Dukhovni wrote: > And yet, here and there I see mention of having to take care to avoid "loops", > but loops are impossible in a monotone strictly decreasing sequence.
Yes. This is one of the best ways of preventing such loops. Some libraries accidentally allowed a jump to the same place though, if I recall correctly. PowerDNS, for reasons I'm trying to find out, not only checks if a jump went backwards but also refuses to go backwards more than 100 times. It may be that someone made a packet that burned a lot of CPU time. https://github.com/PowerDNS/pdns/commit/9114819cc4c5dad50ba92c8a9ab8d852811db365 > Is there a later RFC that relaxes the constraint and allows pointers to names > later in the message? I'm having a bit of trouble finding the later text... Not that I know of. But it might accidentally work in some places, including I think old (2.9 era) PowerDNS software. > Secondarily, can the pointer point to some odd-ball location earlier in the > message that is not semantically a label in its original context, but just > happens to carry data that decodes as the desired label? Or, are pointers > only valid to prior locations that are corresponding labels in their original > context? I'd say "don't do that". Someone really clever might one day find you can point back to a location in the middle of a name that so happens to be parseable as a whole name (remember, there is a length field there). It would likely work though in most implementations. Bert _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
