Databases
StackOverflow2013
Postsdbo
PODNS CNAME type Records have incorrect RDLENGTH fields?
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PODNS CNAME type Records have incorrect RDLENGTH fields?
    text
    copied!<p>I've been using RFC 1035.4.1.3 as a reference for DNS RR format: <a href="http://www.freesoft.org/CIE/RFC/1035/42.htm" rel="nofollow noreferrer">http://www.freesoft.org/CIE/RFC/1035/42.htm</a></p> <p>The RFC says that RDLENGTH is "an unsigned 16 bit integer that specifies the length in octets of the RDATA field" but in the datagrams I'm getting RDLENGTH is sometimes 2 less than it should be. I've checked with wireshark to ensure that I'm getting the datagram correctly. Here's a CNAME record I got while looking up google:</p> <pre><code>C0 0C 00 05 00 01 00 03 95 FC 00 10 03 77 77 77 01 6C 06 67 6F 6F 67 6C 65 03 63 6F 6D 00 </code></pre> <p>So that's the name: C0 0C (a pointer to www.google.com earlier in the dgram)<br> Then the type: 00 05 (CNAME)<br> Then the class: 00 01 (IN)<br> Then the TTL: 00 03 95 FC (whatever)</p> <p>Then RDLENGTH: 00 10 (that's 16 bytes, yes?)</p> <p>Then RDATA:<br> 03 77 77 77 01 6C 06 67 6F 6F 67 6C 65 03 63 6F 6D 00 (www.l.google.com - format is correct)</p> <p>As you can see, the RDATA is 18 bytes in length. 18 bytes is 0x12, not 0x10.</p> <p>The type A records that come after that correctly report RDLENGTH 4 for the address data. Am I missing something here? I'd dismiss it as an error, but I get this for every DNS servers and every domain.</p> <p>I guess really what I'm asking is why the RDATA is longer than RDLENGTH and what rules should I follow to adapt to it so I can parse any type of record. (Specifically, can I expect this kind of thing from other RR types?)</p> <p>Thank you in advance to anyone who gives advice. :)</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload