net/dns/dns_response_unittest.cc

*6777b538SAndroid Build Coastguard Worker// Copyright 2012 The Chromium Authors
*6777b538SAndroid Build Coastguard Worker// Use of this source code is governed by a BSD-style license that can be
*6777b538SAndroid Build Coastguard Worker// found in the LICENSE file.
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker#include "net/dns/dns_response.h"
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker#include <algorithm>
*6777b538SAndroid Build Coastguard Worker#include <memory>
*6777b538SAndroid Build Coastguard Worker#include <optional>
*6777b538SAndroid Build Coastguard Worker#include <string>
*6777b538SAndroid Build Coastguard Worker#include <string_view>
*6777b538SAndroid Build Coastguard Worker#include <vector>
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker#include "base/check.h"
*6777b538SAndroid Build Coastguard Worker#include "base/containers/span.h"
*6777b538SAndroid Build Coastguard Worker#include "base/containers/span_writer.h"
*6777b538SAndroid Build Coastguard Worker#include "base/time/time.h"
*6777b538SAndroid Build Coastguard Worker#include "net/base/io_buffer.h"
*6777b538SAndroid Build Coastguard Worker#include "net/dns/dns_names_util.h"
*6777b538SAndroid Build Coastguard Worker#include "net/dns/dns_query.h"
*6777b538SAndroid Build Coastguard Worker#include "net/dns/dns_test_util.h"
*6777b538SAndroid Build Coastguard Worker#include "net/dns/public/dns_protocol.h"
*6777b538SAndroid Build Coastguard Worker#include "net/dns/record_rdata.h"
*6777b538SAndroid Build Coastguard Worker#include "testing/gmock/include/gmock/gmock.h"
*6777b538SAndroid Build Coastguard Worker#include "testing/gtest/include/gtest/gtest.h"
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workernamespace net {
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workernamespace {
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerTEST(DnsRecordParserTest, Constructor) {
*6777b538SAndroid Build Coastguard Worker  const char data[] = { 0 };
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(DnsRecordParser().IsValid());
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(DnsRecordParser(data, 1, 0, 0).IsValid());
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(DnsRecordParser(data, 1, 1, 0).IsValid());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(DnsRecordParser(data, 1, 0, 0).AtEnd());
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(DnsRecordParser(data, 1, 1, 0).AtEnd());
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerTEST(DnsRecordParserTest, ReadName) {
*6777b538SAndroid Build Coastguard Worker  const uint8_t data[] = {
*6777b538SAndroid Build Coastguard Worker      // all labels "foo.example.com"
*6777b538SAndroid Build Coastguard Worker      0x03, 'f', 'o', 'o', 0x07, 'e', 'x', 'a', 'm', 'p', 'l', 'e', 0x03, 'c',
*6777b538SAndroid Build Coastguard Worker      'o', 'm',
*6777b538SAndroid Build Coastguard Worker      // byte 0x10
*6777b538SAndroid Build Coastguard Worker      0x00,
*6777b538SAndroid Build Coastguard Worker      // byte 0x11
*6777b538SAndroid Build Coastguard Worker      // part label, part pointer, "bar.example.com"
*6777b538SAndroid Build Coastguard Worker      0x03, 'b', 'a', 'r', 0xc0, 0x04,
*6777b538SAndroid Build Coastguard Worker      // byte 0x17
*6777b538SAndroid Build Coastguard Worker      // all pointer to "bar.example.com", 2 jumps
*6777b538SAndroid Build Coastguard Worker      0xc0, 0x11,
*6777b538SAndroid Build Coastguard Worker      // byte 0x1a
*6777b538SAndroid Build Coastguard Worker  };
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  std::string out;
*6777b538SAndroid Build Coastguard Worker  DnsRecordParser parser(data, sizeof(data), 0, /*num_records=*/0);
*6777b538SAndroid Build Coastguard Worker  ASSERT_TRUE(parser.IsValid());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0x11u, parser.ReadName(data + 0x00, &out));
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ("foo.example.com", out);
*6777b538SAndroid Build Coastguard Worker  // Check that the last "." is never stored.
*6777b538SAndroid Build Coastguard Worker  out.clear();
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0x1u, parser.ReadName(data + 0x10, &out));
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ("", out);
*6777b538SAndroid Build Coastguard Worker  out.clear();
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0x6u, parser.ReadName(data + 0x11, &out));
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ("bar.example.com", out);
*6777b538SAndroid Build Coastguard Worker  out.clear();
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0x2u, parser.ReadName(data + 0x17, &out));
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ("bar.example.com", out);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Parse name without storing it.
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0x11u, parser.ReadName(data + 0x00, nullptr));
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0x1u, parser.ReadName(data + 0x10, nullptr));
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0x6u, parser.ReadName(data + 0x11, nullptr));
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0x2u, parser.ReadName(data + 0x17, nullptr));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Check that it works even if initial position is different.
*6777b538SAndroid Build Coastguard Worker  parser = DnsRecordParser(data, sizeof(data), 0x12, /*num_records=*/0);
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0x6u, parser.ReadName(data + 0x11, nullptr));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerTEST(DnsRecordParserTest, ReadNameFail) {
*6777b538SAndroid Build Coastguard Worker  const uint8_t data[] = {
*6777b538SAndroid Build Coastguard Worker      // label length beyond packet
*6777b538SAndroid Build Coastguard Worker      0x30, 'x', 'x', 0x00,
*6777b538SAndroid Build Coastguard Worker      // pointer offset beyond packet
*6777b538SAndroid Build Coastguard Worker      0xc0, 0x20,
*6777b538SAndroid Build Coastguard Worker      // pointer loop
*6777b538SAndroid Build Coastguard Worker      0xc0, 0x08, 0xc0, 0x06,
*6777b538SAndroid Build Coastguard Worker      // incorrect label type (currently supports only direct and pointer)
*6777b538SAndroid Build Coastguard Worker      0x80, 0x00,
*6777b538SAndroid Build Coastguard Worker      // truncated name (missing root label)
*6777b538SAndroid Build Coastguard Worker      0x02, 'x', 'x',
*6777b538SAndroid Build Coastguard Worker  };
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsRecordParser parser(data, sizeof(data), 0, /*num_records=*/0);
*6777b538SAndroid Build Coastguard Worker  ASSERT_TRUE(parser.IsValid());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  std::string out;
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0u, parser.ReadName(data + 0x00, &out));
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0u, parser.ReadName(data + 0x04, &out));
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0u, parser.ReadName(data + 0x08, &out));
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0u, parser.ReadName(data + 0x0a, &out));
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0u, parser.ReadName(data + 0x0c, &out));
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0u, parser.ReadName(data + 0x0e, &out));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// Returns an RFC 1034 style domain name with a length of |name_len|.
*6777b538SAndroid Build Coastguard Worker// Also writes the expected dotted string representation into |dotted_str|,
*6777b538SAndroid Build Coastguard Worker// which must be non-null.
*6777b538SAndroid Build Coastguard Workerstd::vector<uint8_t> BuildRfc1034Name(const size_t name_len,
*6777b538SAndroid Build Coastguard Worker                                      std::string* dotted_str) {
*6777b538SAndroid Build Coastguard Worker  // Impossible length. If length not zero, need at least 2 to allow label
*6777b538SAndroid Build Coastguard Worker  // length and label contents.
*6777b538SAndroid Build Coastguard Worker  CHECK_NE(name_len, 1u);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  CHECK(dotted_str != nullptr);
*6777b538SAndroid Build Coastguard Worker  auto ChoosePrintableCharLambda = [](uint8_t n) { return n % 26 + 'A'; };
*6777b538SAndroid Build Coastguard Worker  const size_t max_label_len = 63;
*6777b538SAndroid Build Coastguard Worker  std::vector<uint8_t> data;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  dotted_str->clear();
*6777b538SAndroid Build Coastguard Worker  while (data.size() < name_len) {
*6777b538SAndroid Build Coastguard Worker    // Compute the size of the next label.
*6777b538SAndroid Build Coastguard Worker    //
*6777b538SAndroid Build Coastguard Worker    // No need to account for next label length because the final zero length is
*6777b538SAndroid Build Coastguard Worker    // not considered included in overall length.
*6777b538SAndroid Build Coastguard Worker    size_t label_len = std::min(name_len - data.size() - 1, max_label_len);
*6777b538SAndroid Build Coastguard Worker    // Need to ensure the remainder is not 1 because that would leave room for a
*6777b538SAndroid Build Coastguard Worker    // label length but not a label.
*6777b538SAndroid Build Coastguard Worker    if (name_len - data.size() - label_len - 1 == 1) {
*6777b538SAndroid Build Coastguard Worker      CHECK_GT(label_len, 1u);
*6777b538SAndroid Build Coastguard Worker      label_len -= 1;
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    // Write the length octet
*6777b538SAndroid Build Coastguard Worker    data.push_back(label_len);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    // Write |label_len| bytes of label data
*6777b538SAndroid Build Coastguard Worker    const size_t size_with_label = data.size() + label_len;
*6777b538SAndroid Build Coastguard Worker    while (data.size() < size_with_label) {
*6777b538SAndroid Build Coastguard Worker      const uint8_t chr = ChoosePrintableCharLambda(data.size());
*6777b538SAndroid Build Coastguard Worker      data.push_back(chr);
*6777b538SAndroid Build Coastguard Worker      dotted_str->push_back(chr);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      CHECK(data.size() <= name_len);
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    // Write a trailing dot after every label
*6777b538SAndroid Build Coastguard Worker    dotted_str->push_back('.');
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Omit the final dot
*6777b538SAndroid Build Coastguard Worker  if (!dotted_str->empty())
*6777b538SAndroid Build Coastguard Worker    dotted_str->pop_back();
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  CHECK(data.size() == name_len);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Final zero-length label (not considered included in overall length).
*6777b538SAndroid Build Coastguard Worker  data.push_back(0);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  return data;
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerTEST(DnsRecordParserTest, ReadNameGoodLength) {
*6777b538SAndroid Build Coastguard Worker  const size_t name_len_cases[] = {2, 10, 40, 250, 254, 255};
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  for (auto name_len : name_len_cases) {
*6777b538SAndroid Build Coastguard Worker    std::string expected_name;
*6777b538SAndroid Build Coastguard Worker    const std::vector<uint8_t> data_vector =
*6777b538SAndroid Build Coastguard Worker        BuildRfc1034Name(name_len, &expected_name);
*6777b538SAndroid Build Coastguard Worker    ASSERT_EQ(data_vector.size(), name_len + 1);
*6777b538SAndroid Build Coastguard Worker    const uint8_t* data = data_vector.data();
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    DnsRecordParser parser(data, data_vector.size(), 0, /*num_records=*/0);
*6777b538SAndroid Build Coastguard Worker    ASSERT_TRUE(parser.IsValid());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    std::string out;
*6777b538SAndroid Build Coastguard Worker    EXPECT_EQ(data_vector.size(), parser.ReadName(data, &out));
*6777b538SAndroid Build Coastguard Worker    EXPECT_EQ(expected_name, out);
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// Tests against incorrect name length validation, which is anti-pattern #3 from
*6777b538SAndroid Build Coastguard Worker// the "NAME:WRECK" report:
*6777b538SAndroid Build Coastguard Worker// https://www.forescout.com/company/resources/namewreck-breaking-and-fixing-dns-implementations/
*6777b538SAndroid Build Coastguard WorkerTEST(DnsRecordParserTest, ReadNameTooLongFail) {
*6777b538SAndroid Build Coastguard Worker  const size_t name_len_cases[] = {256, 257, 258, 300, 10000};
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  for (auto name_len : name_len_cases) {
*6777b538SAndroid Build Coastguard Worker    std::string expected_name;
*6777b538SAndroid Build Coastguard Worker    const std::vector<uint8_t> data_vector =
*6777b538SAndroid Build Coastguard Worker        BuildRfc1034Name(name_len, &expected_name);
*6777b538SAndroid Build Coastguard Worker    ASSERT_EQ(data_vector.size(), name_len + 1);
*6777b538SAndroid Build Coastguard Worker    const uint8_t* data = data_vector.data();
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    DnsRecordParser parser(data, data_vector.size(), 0, /*num_records=*/0);
*6777b538SAndroid Build Coastguard Worker    ASSERT_TRUE(parser.IsValid());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    std::string out;
*6777b538SAndroid Build Coastguard Worker    EXPECT_EQ(0u, parser.ReadName(data, &out));
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// Tests against incorrect name compression pointer validation, which is anti-
*6777b538SAndroid Build Coastguard Worker// pattern #6 from the "NAME:WRECK" report:
*6777b538SAndroid Build Coastguard Worker// https://www.forescout.com/company/resources/namewreck-breaking-and-fixing-dns-implementations/
*6777b538SAndroid Build Coastguard WorkerTEST(DnsRecordParserTest, RejectsNamesWithLoops) {
*6777b538SAndroid Build Coastguard Worker  const char kData[] =
*6777b538SAndroid Build Coastguard Worker      "\003www\007example\300\031"  // www.example with pointer to byte 25
*6777b538SAndroid Build Coastguard Worker      "aaaaaaaaaaa"                 // Garbage data to spread things out.
*6777b538SAndroid Build Coastguard Worker      "\003foo\300\004";            // foo with pointer to byte 4.
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsRecordParser parser(kData, /*length=*/sizeof(kData) - 1, /*offset=*/0,
*6777b538SAndroid Build Coastguard Worker                         /*num_records=*/0);
*6777b538SAndroid Build Coastguard Worker  ASSERT_TRUE(parser.IsValid());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  std::string out;
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0u, parser.ReadName(kData, &out));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// Tests against incorrect name compression pointer validation, which is anti-
*6777b538SAndroid Build Coastguard Worker// pattern #6 from the "NAME:WRECK" report:
*6777b538SAndroid Build Coastguard Worker// https://www.forescout.com/company/resources/namewreck-breaking-and-fixing-dns-implementations/
*6777b538SAndroid Build Coastguard WorkerTEST(DnsRecordParserTest, RejectsNamesPointingOutsideData) {
*6777b538SAndroid Build Coastguard Worker  const char kData[] =
*6777b538SAndroid Build Coastguard Worker      "\003www\007example\300\031";  // www.example with pointer to byte 25
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsRecordParser parser(kData, /*length=*/sizeof(kData) - 1, /*offset=*/0,
*6777b538SAndroid Build Coastguard Worker                         /*num_records=*/0);
*6777b538SAndroid Build Coastguard Worker  ASSERT_TRUE(parser.IsValid());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  std::string out;
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0u, parser.ReadName(kData, &out));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerTEST(DnsRecordParserTest, ParsesValidPointer) {
*6777b538SAndroid Build Coastguard Worker  const char kData[] =
*6777b538SAndroid Build Coastguard Worker      "\003www\007example\300\022"  // www.example with pointer to byte 25.
*6777b538SAndroid Build Coastguard Worker      "aaaa"                        // Garbage data to spread things out.
*6777b538SAndroid Build Coastguard Worker      "\004test\000";               // .test
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsRecordParser parser(kData, /*length=*/sizeof(kData) - 1, /*offset=*/0,
*6777b538SAndroid Build Coastguard Worker                         /*num_records=*/0);
*6777b538SAndroid Build Coastguard Worker  ASSERT_TRUE(parser.IsValid());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  std::string out;
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(14u, parser.ReadName(kData, &out));
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(out, "www.example.test");
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// Per RFC 1035, section 4.1.4, the first 2 bits of a DNS name label determine
*6777b538SAndroid Build Coastguard Worker// if it is a length label (if the bytes are 00) or a pointer label (if the
*6777b538SAndroid Build Coastguard Worker// bytes are 11). It is a common DNS parsing bug to treat 01 or 10 as pointer
*6777b538SAndroid Build Coastguard Worker// labels, but these are reserved and invalid. Such labels should always result
*6777b538SAndroid Build Coastguard Worker// in DnsRecordParser rejecting the name.
*6777b538SAndroid Build Coastguard Worker//
*6777b538SAndroid Build Coastguard Worker// Tests against incorrect name compression pointer validation, which is anti-
*6777b538SAndroid Build Coastguard Worker// pattern #6 from the "NAME:WRECK" report:
*6777b538SAndroid Build Coastguard Worker// https://www.forescout.com/company/resources/namewreck-breaking-and-fixing-dns-implementations/
*6777b538SAndroid Build Coastguard WorkerTEST(DnsRecordParserTest, RejectsNamesWithInvalidLabelTypeAsPointer) {
*6777b538SAndroid Build Coastguard Worker  const char kData[] =
*6777b538SAndroid Build Coastguard Worker      "\003www\007example\200\022"  // www.example with invalid label as pointer
*6777b538SAndroid Build Coastguard Worker      "aaaa"                        // Garbage data to spread things out.
*6777b538SAndroid Build Coastguard Worker      "\004test\000";               // .test
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsRecordParser parser(kData, /*length=*/sizeof(kData) - 1, /*offset=*/0,
*6777b538SAndroid Build Coastguard Worker                         /*num_records=*/0);
*6777b538SAndroid Build Coastguard Worker  ASSERT_TRUE(parser.IsValid());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  std::string out;
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0u, parser.ReadName(kData, &out));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// Per RFC 1035, section 4.1.4, the first 2 bits of a DNS name label determine
*6777b538SAndroid Build Coastguard Worker// if it is a length label (if the bytes are 00) or a pointer label (if the
*6777b538SAndroid Build Coastguard Worker// bytes are 11). Such labels should always result in DnsRecordParser rejecting
*6777b538SAndroid Build Coastguard Worker// the name.
*6777b538SAndroid Build Coastguard Worker//
*6777b538SAndroid Build Coastguard Worker// Tests against incorrect name compression pointer validation, which is anti-
*6777b538SAndroid Build Coastguard Worker// pattern #6 from the "NAME:WRECK" report:
*6777b538SAndroid Build Coastguard Worker// https://www.forescout.com/company/resources/namewreck-breaking-and-fixing-dns-implementations/
*6777b538SAndroid Build Coastguard WorkerTEST(DnsRecordParserTest, RejectsNamesWithInvalidLabelTypeAsLength) {
*6777b538SAndroid Build Coastguard Worker  const char kData[] =
*6777b538SAndroid Build Coastguard Worker      "\003www\007example\104"  // www.example with invalid label as length
*6777b538SAndroid Build Coastguard Worker      "test\000";  // test. (in case \104 is interpreted as length=4)
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Append a bunch of zeroes to the buffer in case \104 is interpreted as a
*6777b538SAndroid Build Coastguard Worker  // long length.
*6777b538SAndroid Build Coastguard Worker  std::string data(kData, sizeof(kData) - 1);
*6777b538SAndroid Build Coastguard Worker  data.append(256, '\000');
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsRecordParser parser(data.data(), data.size(), /*offset=*/0,
*6777b538SAndroid Build Coastguard Worker                         /*num_records=*/0);
*6777b538SAndroid Build Coastguard Worker  ASSERT_TRUE(parser.IsValid());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  std::string out;
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0u, parser.ReadName(data.data(), &out));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerTEST(DnsRecordParserTest, ReadRecord) {
*6777b538SAndroid Build Coastguard Worker  const uint8_t data[] = {
*6777b538SAndroid Build Coastguard Worker      // Type CNAME record.
*6777b538SAndroid Build Coastguard Worker      0x07, 'e', 'x', 'a', 'm', 'p', 'l', 'e', 0x03, 'c', 'o', 'm', 0x00, 0x00,
*6777b538SAndroid Build Coastguard Worker      0x05,                    // TYPE is CNAME.
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,              // CLASS is IN.
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01, 0x24, 0x74,  // TTL is 0x00012474.
*6777b538SAndroid Build Coastguard Worker      0x00, 0x06,              // RDLENGTH is 6 bytes.
*6777b538SAndroid Build Coastguard Worker      0x03, 'f', 'o', 'o',     // compressed name in record
*6777b538SAndroid Build Coastguard Worker      0xc0, 0x00,
*6777b538SAndroid Build Coastguard Worker      // Type A record.
*6777b538SAndroid Build Coastguard Worker      0x03, 'b', 'a', 'r',     // compressed owner name
*6777b538SAndroid Build Coastguard Worker      0xc0, 0x00, 0x00, 0x01,  // TYPE is A.
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,              // CLASS is IN.
*6777b538SAndroid Build Coastguard Worker      0x00, 0x20, 0x13, 0x55,  // TTL is 0x00201355.
*6777b538SAndroid Build Coastguard Worker      0x00, 0x04,              // RDLENGTH is 4 bytes.
*6777b538SAndroid Build Coastguard Worker      0x7f, 0x02, 0x04, 0x01,  // IP is 127.2.4.1
*6777b538SAndroid Build Coastguard Worker  };
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  std::string out;
*6777b538SAndroid Build Coastguard Worker  DnsRecordParser parser(data, 0, /*num_records=*/2);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsResourceRecord record;
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ("example.com", record.name);
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(dns_protocol::kTypeCNAME, record.type);
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(dns_protocol::kClassIN, record.klass);
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0x00012474u, record.ttl);
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(6u, record.rdata.length());
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(6u, parser.ReadName(record.rdata.data(), &out));
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ("foo.example.com", out);
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(parser.AtEnd());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ("bar.example.com", record.name);
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(dns_protocol::kTypeA, record.type);
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(dns_protocol::kClassIN, record.klass);
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0x00201355u, record.ttl);
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(4u, record.rdata.length());
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(std::string_view("\x7f\x02\x04\x01"), record.rdata);
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser.AtEnd());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Test truncated record.
*6777b538SAndroid Build Coastguard Worker  parser = DnsRecordParser(data, sizeof(data) - 2, 0, /*num_records=*/2);
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(parser.AtEnd());
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(parser.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerTEST(DnsRecordParserTest, ReadsRecordWithLongName) {
*6777b538SAndroid Build Coastguard Worker  std::string dotted_name;
*6777b538SAndroid Build Coastguard Worker  const std::vector<uint8_t> dns_name =
*6777b538SAndroid Build Coastguard Worker      BuildRfc1034Name(dns_protocol::kMaxNameLength, &dotted_name);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  std::string data(reinterpret_cast<const char*>(dns_name.data()),
*6777b538SAndroid Build Coastguard Worker                   dns_name.size());
*6777b538SAndroid Build Coastguard Worker  data.append(
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"           // TYPE=A
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"           // CLASS=IN
*6777b538SAndroid Build Coastguard Worker      "\x00\x01\x51\x80"   // TTL=1 day
*6777b538SAndroid Build Coastguard Worker      "\x00\x04"           // RDLENGTH=4 bytes
*6777b538SAndroid Build Coastguard Worker      "\xc0\xa8\x00\x01",  // 192.168.0.1
*6777b538SAndroid Build Coastguard Worker      14);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsRecordParser parser(data.data(), data.size(), 0, /*num_records=*/1);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsResourceRecord record;
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// Tests against incorrect name length validation, which is anti-pattern #3 from
*6777b538SAndroid Build Coastguard Worker// the "NAME:WRECK" report:
*6777b538SAndroid Build Coastguard Worker// https://www.forescout.com/company/resources/namewreck-breaking-and-fixing-dns-implementations/
*6777b538SAndroid Build Coastguard WorkerTEST(DnsRecordParserTest, RejectRecordWithTooLongName) {
*6777b538SAndroid Build Coastguard Worker  std::string dotted_name;
*6777b538SAndroid Build Coastguard Worker  const std::vector<uint8_t> dns_name =
*6777b538SAndroid Build Coastguard Worker      BuildRfc1034Name(dns_protocol::kMaxNameLength + 1, &dotted_name);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  std::string data(reinterpret_cast<const char*>(dns_name.data()),
*6777b538SAndroid Build Coastguard Worker                   dns_name.size());
*6777b538SAndroid Build Coastguard Worker  data.append(
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"           // TYPE=A
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"           // CLASS=IN
*6777b538SAndroid Build Coastguard Worker      "\x00\x01\x51\x80"   // TTL=1 day
*6777b538SAndroid Build Coastguard Worker      "\x00\x04"           // RDLENGTH=4 bytes
*6777b538SAndroid Build Coastguard Worker      "\xc0\xa8\x00\x01",  // 192.168.0.1
*6777b538SAndroid Build Coastguard Worker      14);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsRecordParser parser(data.data(), data.size(), 0, /*num_records=*/1);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsResourceRecord record;
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(parser.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// Test that a record cannot be parsed with a name extending past the end of the
*6777b538SAndroid Build Coastguard Worker// data.
*6777b538SAndroid Build Coastguard Worker// Tests against incorrect name length validation, which is anti-pattern #3 from
*6777b538SAndroid Build Coastguard Worker// the "NAME:WRECK" report:
*6777b538SAndroid Build Coastguard Worker// https://www.forescout.com/company/resources/namewreck-breaking-and-fixing-dns-implementations/
*6777b538SAndroid Build Coastguard WorkerTEST(DnsRecordParserTest, RejectRecordWithNonendedName) {
*6777b538SAndroid Build Coastguard Worker  const char kNonendedName[] = "\003www\006google\006www";
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsRecordParser parser(kNonendedName, sizeof(kNonendedName) - 1, 0,
*6777b538SAndroid Build Coastguard Worker                         /*num_records=*/1);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsResourceRecord record;
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(parser.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// Test that a record cannot be parsed with a name without final null
*6777b538SAndroid Build Coastguard Worker// termination. Parsing should assume the name has not ended and find the first
*6777b538SAndroid Build Coastguard Worker// byte of the TYPE field instead, making the remainder of the record
*6777b538SAndroid Build Coastguard Worker// unparsable.
*6777b538SAndroid Build Coastguard Worker// Tests against incorrect name null termination, which is anti-pattern #4 from
*6777b538SAndroid Build Coastguard Worker// the "NAME:WRECK" report:
*6777b538SAndroid Build Coastguard Worker// https://www.forescout.com/company/resources/namewreck-breaking-and-fixing-dns-implementations/
*6777b538SAndroid Build Coastguard WorkerTEST(DnsRecordParserTest, RejectRecordNameMissingNullTermination) {
*6777b538SAndroid Build Coastguard Worker  const char kData[] =
*6777b538SAndroid Build Coastguard Worker      "\003www\006google\004test"  // Name without termination.
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"                   // TYPE=A
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"                   // CLASS=IN
*6777b538SAndroid Build Coastguard Worker      "\x00\x01\x51\x80"           // TTL=1 day
*6777b538SAndroid Build Coastguard Worker      "\x00\x04"                   // RDLENGTH=4 bytes
*6777b538SAndroid Build Coastguard Worker      "\xc0\xa8\x00\x01";          // 192.168.0.1
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsRecordParser parser(kData, sizeof(kData) - 1, 0, /*num_records=*/1);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsResourceRecord record;
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(parser.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// Test that no more records can be parsed once the claimed number of records
*6777b538SAndroid Build Coastguard Worker// have been parsed.
*6777b538SAndroid Build Coastguard WorkerTEST(DnsRecordParserTest, RejectReadingTooManyRecords) {
*6777b538SAndroid Build Coastguard Worker  const char kData[] =
*6777b538SAndroid Build Coastguard Worker      "\003www\006google\004test\000"
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"          // TYPE=A
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"          // CLASS=IN
*6777b538SAndroid Build Coastguard Worker      "\x00\x01\x51\x80"  // TTL=1 day
*6777b538SAndroid Build Coastguard Worker      "\x00\x04"          // RDLENGTH=4 bytes
*6777b538SAndroid Build Coastguard Worker      "\xc0\xa8\x00\x01"  // 192.168.0.1
*6777b538SAndroid Build Coastguard Worker      "\003www\010chromium\004test\000"
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"           // TYPE=A
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"           // CLASS=IN
*6777b538SAndroid Build Coastguard Worker      "\x00\x01\x51\x80"   // TTL=1 day
*6777b538SAndroid Build Coastguard Worker      "\x00\x04"           // RDLENGTH=4 bytes
*6777b538SAndroid Build Coastguard Worker      "\xc0\xa8\x00\x02";  // 192.168.0.2
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsRecordParser parser(
*6777b538SAndroid Build Coastguard Worker      kData, /*length=*/sizeof(kData) - 1, /*offset=*/0,
*6777b538SAndroid Build Coastguard Worker      /*num_records=*/1);  // Claim 1 record despite there being 2 in `kData`.
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsResourceRecord record1;
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser.ReadRecord(&record1));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Expect second record cannot be parsed because only 1 was expected.
*6777b538SAndroid Build Coastguard Worker  DnsResourceRecord record2;
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(parser.ReadRecord(&record2));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// Test that no more records can be parsed once the end of the buffer is
*6777b538SAndroid Build Coastguard Worker// reached, even if more records are claimed.
*6777b538SAndroid Build Coastguard WorkerTEST(DnsRecordParserTest, RejectReadingPastEnd) {
*6777b538SAndroid Build Coastguard Worker  const char kData[] =
*6777b538SAndroid Build Coastguard Worker      "\003www\006google\004test\000"
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"          // TYPE=A
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"          // CLASS=IN
*6777b538SAndroid Build Coastguard Worker      "\x00\x01\x51\x80"  // TTL=1 day
*6777b538SAndroid Build Coastguard Worker      "\x00\x04"          // RDLENGTH=4 bytes
*6777b538SAndroid Build Coastguard Worker      "\xc0\xa8\x00\x01"  // 192.168.0.1
*6777b538SAndroid Build Coastguard Worker      "\003www\010chromium\004test\000"
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"           // TYPE=A
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"           // CLASS=IN
*6777b538SAndroid Build Coastguard Worker      "\x00\x01\x51\x80"   // TTL=1 day
*6777b538SAndroid Build Coastguard Worker      "\x00\x04"           // RDLENGTH=4 bytes
*6777b538SAndroid Build Coastguard Worker      "\xc0\xa8\x00\x02";  // 192.168.0.2
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsRecordParser parser(
*6777b538SAndroid Build Coastguard Worker      kData, /*length=*/sizeof(kData) - 1, /*offset=*/0,
*6777b538SAndroid Build Coastguard Worker      /*num_records=*/3);  // Claim 3 record despite there being 2 in `kData`.
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsResourceRecord record;
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(parser.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerTEST(DnsResponseTest, InitParse) {
*6777b538SAndroid Build Coastguard Worker  // This includes \0 at the end.
*6777b538SAndroid Build Coastguard Worker  const char qname[] =
*6777b538SAndroid Build Coastguard Worker      "\x0A"
*6777b538SAndroid Build Coastguard Worker      "codereview"
*6777b538SAndroid Build Coastguard Worker      "\x08"
*6777b538SAndroid Build Coastguard Worker      "chromium"
*6777b538SAndroid Build Coastguard Worker      "\x03"
*6777b538SAndroid Build Coastguard Worker      "org";
*6777b538SAndroid Build Coastguard Worker  // Compilers want to copy when binding temporary to const &, so must use heap.
*6777b538SAndroid Build Coastguard Worker  auto query = std::make_unique<DnsQuery>(0xcafe, base::as_byte_span(qname),
*6777b538SAndroid Build Coastguard Worker                                          dns_protocol::kTypeA);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  const uint8_t response_data[] = {
*6777b538SAndroid Build Coastguard Worker      // Header
*6777b538SAndroid Build Coastguard Worker      0xca, 0xfe,  // ID
*6777b538SAndroid Build Coastguard Worker      0x81, 0x80,  // Standard query response, RA, no error
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // 1 question
*6777b538SAndroid Build Coastguard Worker      0x00, 0x02,  // 2 RRs (answers)
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // 0 authority RRs
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // 1 additional RRs
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      // Question
*6777b538SAndroid Build Coastguard Worker      // This part is echoed back from the respective query.
*6777b538SAndroid Build Coastguard Worker      0x0a, 'c', 'o', 'd', 'e', 'r', 'e', 'v', 'i', 'e', 'w', 0x08, 'c', 'h',
*6777b538SAndroid Build Coastguard Worker      'r', 'o', 'm', 'i', 'u', 'm', 0x03, 'o', 'r', 'g', 0x00, 0x00,
*6777b538SAndroid Build Coastguard Worker      0x01,        // TYPE is A.
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // CLASS is IN.
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      // Answer 1
*6777b538SAndroid Build Coastguard Worker      0xc0, 0x0c,  // NAME is a pointer to name in Question section.
*6777b538SAndroid Build Coastguard Worker      0x00, 0x05,  // TYPE is CNAME.
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // CLASS is IN.
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // TTL (4 bytes) is 20 hours, 47 minutes, 48 seconds.
*6777b538SAndroid Build Coastguard Worker      0x24, 0x74, 0x00, 0x12,  // RDLENGTH is 18 bytes.
*6777b538SAndroid Build Coastguard Worker      // ghs.l.google.com in DNS format.
*6777b538SAndroid Build Coastguard Worker      0x03, 'g', 'h', 's', 0x01, 'l', 0x06, 'g', 'o', 'o', 'g', 'l', 'e', 0x03,
*6777b538SAndroid Build Coastguard Worker      'c', 'o', 'm', 0x00,
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      // Answer 2
*6777b538SAndroid Build Coastguard Worker      0xc0, 0x35,              // NAME is a pointer to name in Answer 1.
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,              // TYPE is A.
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,              // CLASS is IN.
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,              // TTL (4 bytes) is 53 seconds.
*6777b538SAndroid Build Coastguard Worker      0x00, 0x35, 0x00, 0x04,  // RDLENGTH is 4 bytes.
*6777b538SAndroid Build Coastguard Worker      0x4a, 0x7d,              // RDATA is the IP: 74.125.95.121
*6777b538SAndroid Build Coastguard Worker      0x5f, 0x79,
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      // Additional 1
*6777b538SAndroid Build Coastguard Worker      0x00,                    // NAME is empty (root domain).
*6777b538SAndroid Build Coastguard Worker      0x00, 0x29,              // TYPE is OPT.
*6777b538SAndroid Build Coastguard Worker      0x10, 0x00,              // CLASS is max UDP payload size (4096).
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00, 0x00, 0x00,  // TTL (4 bytes) is rcode, version and flags.
*6777b538SAndroid Build Coastguard Worker      0x00, 0x08,              // RDLENGTH
*6777b538SAndroid Build Coastguard Worker      0x00, 0xFF,              // OPT code
*6777b538SAndroid Build Coastguard Worker      0x00, 0x04,              // OPT data size
*6777b538SAndroid Build Coastguard Worker      0xDE, 0xAD, 0xBE, 0xEF   // OPT data
*6777b538SAndroid Build Coastguard Worker  };
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsResponse resp;
*6777b538SAndroid Build Coastguard Worker  memcpy(resp.io_buffer()->data(), response_data, sizeof(response_data));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(resp.id());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Reject too short.
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(resp.InitParse(query->io_buffer()->size() - 1, *query));
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(resp.IsValid());
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(resp.id());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Reject wrong id.
*6777b538SAndroid Build Coastguard Worker  std::unique_ptr<DnsQuery> other_query = query->CloneWithNewId(0xbeef);
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(resp.InitParse(sizeof(response_data), *other_query));
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(resp.IsValid());
*6777b538SAndroid Build Coastguard Worker  EXPECT_THAT(resp.id(), testing::Optional(0xcafe));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Reject wrong question.
*6777b538SAndroid Build Coastguard Worker  auto wrong_query = std::make_unique<DnsQuery>(
*6777b538SAndroid Build Coastguard Worker      0xcafe, base::as_byte_span(qname), dns_protocol::kTypeCNAME);
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(resp.InitParse(sizeof(response_data), *wrong_query));
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(resp.IsValid());
*6777b538SAndroid Build Coastguard Worker  EXPECT_THAT(resp.id(), testing::Optional(0xcafe));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Accept matching question.
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(resp.InitParse(sizeof(response_data), *query));
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(resp.IsValid());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Check header access.
*6777b538SAndroid Build Coastguard Worker  EXPECT_THAT(resp.id(), testing::Optional(0xcafe));
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0x8180, resp.flags());
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0x0, resp.rcode());
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(2u, resp.answer_count());
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(1u, resp.additional_answer_count());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Check question access.
*6777b538SAndroid Build Coastguard Worker  std::optional<std::vector<uint8_t>> response_qname =
*6777b538SAndroid Build Coastguard Worker      dns_names_util::DottedNameToNetwork(resp.GetSingleDottedName());
*6777b538SAndroid Build Coastguard Worker  ASSERT_TRUE(response_qname.has_value());
*6777b538SAndroid Build Coastguard Worker  EXPECT_THAT(query->qname(),
*6777b538SAndroid Build Coastguard Worker              testing::ElementsAreArray(response_qname.value()));
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(query->qtype(), resp.GetSingleQType());
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ("codereview.chromium.org", resp.GetSingleDottedName());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsResourceRecord record;
*6777b538SAndroid Build Coastguard Worker  DnsRecordParser parser = resp.Parser();
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(parser.AtEnd());
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(parser.AtEnd());
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser.AtEnd());
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(parser.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerTEST(DnsResponseTest, InitParseInvalidFlags) {
*6777b538SAndroid Build Coastguard Worker  // This includes \0 at the end.
*6777b538SAndroid Build Coastguard Worker  const char qname[] =
*6777b538SAndroid Build Coastguard Worker      "\x0A"
*6777b538SAndroid Build Coastguard Worker      "codereview"
*6777b538SAndroid Build Coastguard Worker      "\x08"
*6777b538SAndroid Build Coastguard Worker      "chromium"
*6777b538SAndroid Build Coastguard Worker      "\x03"
*6777b538SAndroid Build Coastguard Worker      "org";
*6777b538SAndroid Build Coastguard Worker  // Compilers want to copy when binding temporary to const &, so must use heap.
*6777b538SAndroid Build Coastguard Worker  auto query = std::make_unique<DnsQuery>(0xcafe, base::as_byte_span(qname),
*6777b538SAndroid Build Coastguard Worker                                          dns_protocol::kTypeA);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  const uint8_t response_data[] = {
*6777b538SAndroid Build Coastguard Worker      // Header
*6777b538SAndroid Build Coastguard Worker      0xca, 0xfe,  // ID
*6777b538SAndroid Build Coastguard Worker      0x01, 0x80,  // RA, no error. Note the absence of the required QR bit.
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // 1 question
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // 1 RRs (answers)
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // 0 authority RRs
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // 0 additional RRs
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      // Question
*6777b538SAndroid Build Coastguard Worker      // This part is echoed back from the respective query.
*6777b538SAndroid Build Coastguard Worker      0x0a, 'c', 'o', 'd', 'e', 'r', 'e', 'v', 'i', 'e', 'w', 0x08, 'c', 'h',
*6777b538SAndroid Build Coastguard Worker      'r', 'o', 'm', 'i', 'u', 'm', 0x03, 'o', 'r', 'g', 0x00, 0x00,
*6777b538SAndroid Build Coastguard Worker      0x01,        // TYPE is A.
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // CLASS is IN.
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      // Answer 1
*6777b538SAndroid Build Coastguard Worker      0xc0, 0x0c,  // NAME is a pointer to name in Question section.
*6777b538SAndroid Build Coastguard Worker      0x00, 0x05,  // TYPE is CNAME.
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // CLASS is IN.
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // TTL (4 bytes) is 20 hours, 47 minutes, 48 seconds.
*6777b538SAndroid Build Coastguard Worker      0x24, 0x74, 0x00, 0x12,  // RDLENGTH is 18 bytes.
*6777b538SAndroid Build Coastguard Worker      // ghs.l.google.com in DNS format.
*6777b538SAndroid Build Coastguard Worker      0x03, 'g', 'h', 's', 0x01, 'l', 0x06, 'g', 'o', 'o', 'g', 'l', 'e', 0x03,
*6777b538SAndroid Build Coastguard Worker      'c', 'o', 'm', 0x00,
*6777b538SAndroid Build Coastguard Worker  };
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsResponse resp;
*6777b538SAndroid Build Coastguard Worker  memcpy(resp.io_buffer()->data(), response_data, sizeof(response_data));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(resp.InitParse(sizeof(response_data), *query));
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(resp.IsValid());
*6777b538SAndroid Build Coastguard Worker  EXPECT_THAT(resp.id(), testing::Optional(0xcafe));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerTEST(DnsResponseTest, InitParseRejectsResponseWithoutQuestions) {
*6777b538SAndroid Build Coastguard Worker  const char kResponse[] =
*6777b538SAndroid Build Coastguard Worker      "\x02\x45"                       // ID=581
*6777b538SAndroid Build Coastguard Worker      "\x81\x80"                       // Standard query response, RA, no error
*6777b538SAndroid Build Coastguard Worker      "\x00\x00"                       // 0 questions
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"                       // 1 answers
*6777b538SAndroid Build Coastguard Worker      "\x00\x00"                       // 0 authority records
*6777b538SAndroid Build Coastguard Worker      "\x00\x00"                       // 0 additional records
*6777b538SAndroid Build Coastguard Worker      "\003www\006google\004test\000"  // www.google.test
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"                       // TYPE=A
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"                       // CLASS=IN
*6777b538SAndroid Build Coastguard Worker      "\x00\x00\x2a\x30"               // TTL=3 hours
*6777b538SAndroid Build Coastguard Worker      "\x00\x04"                       // RDLENGTH=4 bytes
*6777b538SAndroid Build Coastguard Worker      "\xa0\xa0\xa0\xa0";              // 10.10.10.10
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsResponse resp;
*6777b538SAndroid Build Coastguard Worker  memcpy(resp.io_buffer()->data(), kResponse, sizeof(kResponse) - 1);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Validate that the response is fine if not matching against a query.
*6777b538SAndroid Build Coastguard Worker  ASSERT_TRUE(resp.InitParseWithoutQuery(sizeof(kResponse) - 1));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  const char kQueryName[] = "\003www\006google\004test";
*6777b538SAndroid Build Coastguard Worker  DnsQuery query(
*6777b538SAndroid Build Coastguard Worker      /*id=*/581, base::as_byte_span(kQueryName), dns_protocol::kTypeA);
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(resp.InitParse(sizeof(kResponse) - 1, query));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerTEST(DnsResponseTest, InitParseRejectsResponseWithTooManyQuestions) {
*6777b538SAndroid Build Coastguard Worker  const char kResponse[] =
*6777b538SAndroid Build Coastguard Worker      "\x02\x46"                       // ID=582
*6777b538SAndroid Build Coastguard Worker      "\x81\x80"                       // Standard query response, RA, no error
*6777b538SAndroid Build Coastguard Worker      "\x00\x02"                       // 2 questions
*6777b538SAndroid Build Coastguard Worker      "\x00\x00"                       // 0 answers
*6777b538SAndroid Build Coastguard Worker      "\x00\x00"                       // 0 authority records
*6777b538SAndroid Build Coastguard Worker      "\x00\x00"                       // 0 additional records
*6777b538SAndroid Build Coastguard Worker      "\003www\006google\004test\000"  // www.google.test
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"                       // TYPE=A
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"                       // CLASS=IN
*6777b538SAndroid Build Coastguard Worker      "\003www\010chromium\004test\000"  // www.chromium.test
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"                         // TYPE=A
*6777b538SAndroid Build Coastguard Worker      "\x00\x01";                        // CLASS=IN
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsResponse resp;
*6777b538SAndroid Build Coastguard Worker  memcpy(resp.io_buffer()->data(), kResponse, sizeof(kResponse) - 1);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Validate that the response is fine if not matching against a query.
*6777b538SAndroid Build Coastguard Worker  ASSERT_TRUE(resp.InitParseWithoutQuery(sizeof(kResponse) - 1));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  const char kQueryName[] = "\003www\006google\004test";
*6777b538SAndroid Build Coastguard Worker  DnsQuery query(
*6777b538SAndroid Build Coastguard Worker      /*id=*/582, base::as_byte_span(kQueryName), dns_protocol::kTypeA);
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(resp.InitParse(sizeof(kResponse) - 1, query));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerTEST(DnsResponseTest, InitParseWithoutQuery) {
*6777b538SAndroid Build Coastguard Worker  DnsResponse resp;
*6777b538SAndroid Build Coastguard Worker  memcpy(resp.io_buffer()->data(), kT0ResponseDatagram,
*6777b538SAndroid Build Coastguard Worker         sizeof(kT0ResponseDatagram));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Accept matching question.
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(resp.InitParseWithoutQuery(sizeof(kT0ResponseDatagram)));
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(resp.IsValid());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Check header access.
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0x8180, resp.flags());
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0x0, resp.rcode());
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(kT0RecordCount, resp.answer_count());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Check question access.
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(kT0Qtype, resp.GetSingleQType());
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(kT0HostName, resp.GetSingleDottedName());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsResourceRecord record;
*6777b538SAndroid Build Coastguard Worker  DnsRecordParser parser = resp.Parser();
*6777b538SAndroid Build Coastguard Worker  for (unsigned i = 0; i < kT0RecordCount; i ++) {
*6777b538SAndroid Build Coastguard Worker    EXPECT_FALSE(parser.AtEnd());
*6777b538SAndroid Build Coastguard Worker    EXPECT_TRUE(parser.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser.AtEnd());
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(parser.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerTEST(DnsResponseTest, InitParseWithoutQueryNoQuestions) {
*6777b538SAndroid Build Coastguard Worker  const uint8_t response_data[] = {
*6777b538SAndroid Build Coastguard Worker      // Header
*6777b538SAndroid Build Coastguard Worker      0xca, 0xfe,  // ID
*6777b538SAndroid Build Coastguard Worker      0x81, 0x80,  // Standard query response, RA, no error
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // No question
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // 2 RRs (answers)
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // 0 authority RRs
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // 0 additional RRs
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      // Answer 1
*6777b538SAndroid Build Coastguard Worker      0x0a, 'c', 'o', 'd', 'e', 'r', 'e', 'v', 'i', 'e', 'w', 0x08, 'c', 'h',
*6777b538SAndroid Build Coastguard Worker      'r', 'o', 'm', 'i', 'u', 'm', 0x03, 'o', 'r', 'g', 0x00, 0x00,
*6777b538SAndroid Build Coastguard Worker      0x01,                    // TYPE is A.
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,              // CLASS is IN.
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,              // TTL (4 bytes) is 53 seconds.
*6777b538SAndroid Build Coastguard Worker      0x00, 0x35, 0x00, 0x04,  // RDLENGTH is 4 bytes.
*6777b538SAndroid Build Coastguard Worker      0x4a, 0x7d,              // RDATA is the IP: 74.125.95.121
*6777b538SAndroid Build Coastguard Worker      0x5f, 0x79,
*6777b538SAndroid Build Coastguard Worker  };
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsResponse resp;
*6777b538SAndroid Build Coastguard Worker  memcpy(resp.io_buffer()->data(), response_data, sizeof(response_data));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(resp.InitParseWithoutQuery(sizeof(response_data)));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Check header access.
*6777b538SAndroid Build Coastguard Worker  EXPECT_THAT(resp.id(), testing::Optional(0xcafe));
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0x8180, resp.flags());
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0x0, resp.rcode());
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0u, resp.question_count());
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0x1u, resp.answer_count());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  EXPECT_THAT(resp.dotted_qnames(), testing::IsEmpty());
*6777b538SAndroid Build Coastguard Worker  EXPECT_THAT(resp.qtypes(), testing::IsEmpty());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsResourceRecord record;
*6777b538SAndroid Build Coastguard Worker  DnsRecordParser parser = resp.Parser();
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(parser.AtEnd());
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ("codereview.chromium.org", record.name);
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0x00000035u, record.ttl);
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(dns_protocol::kTypeA, record.type);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser.AtEnd());
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(parser.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerTEST(DnsResponseTest, InitParseWithoutQueryInvalidFlags) {
*6777b538SAndroid Build Coastguard Worker  const uint8_t response_data[] = {
*6777b538SAndroid Build Coastguard Worker      // Header
*6777b538SAndroid Build Coastguard Worker      0xca, 0xfe,  // ID
*6777b538SAndroid Build Coastguard Worker      0x01, 0x80,  // RA, no error. Note the absence of the required QR bit.
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // No question
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // 2 RRs (answers)
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // 0 authority RRs
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // 0 additional RRs
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      // Answer 1
*6777b538SAndroid Build Coastguard Worker      0x0a, 'c', 'o', 'd', 'e', 'r', 'e', 'v', 'i', 'e', 'w', 0x08, 'c', 'h',
*6777b538SAndroid Build Coastguard Worker      'r', 'o', 'm', 'i', 'u', 'm', 0x03, 'o', 'r', 'g', 0x00, 0x00,
*6777b538SAndroid Build Coastguard Worker      0x01,                    // TYPE is A.
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,              // CLASS is IN.
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,              // TTL (4 bytes) is 53 seconds.
*6777b538SAndroid Build Coastguard Worker      0x00, 0x35, 0x00, 0x04,  // RDLENGTH is 4 bytes.
*6777b538SAndroid Build Coastguard Worker      0x4a, 0x7d,              // RDATA is the IP: 74.125.95.121
*6777b538SAndroid Build Coastguard Worker      0x5f, 0x79,
*6777b538SAndroid Build Coastguard Worker  };
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsResponse resp;
*6777b538SAndroid Build Coastguard Worker  memcpy(resp.io_buffer()->data(), response_data, sizeof(response_data));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(resp.InitParseWithoutQuery(sizeof(response_data)));
*6777b538SAndroid Build Coastguard Worker  EXPECT_THAT(resp.id(), testing::Optional(0xcafe));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerTEST(DnsResponseTest, InitParseWithoutQueryTwoQuestions) {
*6777b538SAndroid Build Coastguard Worker  const uint8_t response_data[] = {
*6777b538SAndroid Build Coastguard Worker      // Header
*6777b538SAndroid Build Coastguard Worker      0xca,
*6777b538SAndroid Build Coastguard Worker      0xfe,  // ID
*6777b538SAndroid Build Coastguard Worker      0x81,
*6777b538SAndroid Build Coastguard Worker      0x80,  // Standard query response, RA, no error
*6777b538SAndroid Build Coastguard Worker      0x00,
*6777b538SAndroid Build Coastguard Worker      0x02,  // 2 questions
*6777b538SAndroid Build Coastguard Worker      0x00,
*6777b538SAndroid Build Coastguard Worker      0x01,  // 2 RRs (answers)
*6777b538SAndroid Build Coastguard Worker      0x00,
*6777b538SAndroid Build Coastguard Worker      0x00,  // 0 authority RRs
*6777b538SAndroid Build Coastguard Worker      0x00,
*6777b538SAndroid Build Coastguard Worker      0x00,  // 0 additional RRs
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      // Question 1
*6777b538SAndroid Build Coastguard Worker      0x0a,
*6777b538SAndroid Build Coastguard Worker      'c',
*6777b538SAndroid Build Coastguard Worker      'o',
*6777b538SAndroid Build Coastguard Worker      'd',
*6777b538SAndroid Build Coastguard Worker      'e',
*6777b538SAndroid Build Coastguard Worker      'r',
*6777b538SAndroid Build Coastguard Worker      'e',
*6777b538SAndroid Build Coastguard Worker      'v',
*6777b538SAndroid Build Coastguard Worker      'i',
*6777b538SAndroid Build Coastguard Worker      'e',
*6777b538SAndroid Build Coastguard Worker      'w',
*6777b538SAndroid Build Coastguard Worker      0x08,
*6777b538SAndroid Build Coastguard Worker      'c',
*6777b538SAndroid Build Coastguard Worker      'h',
*6777b538SAndroid Build Coastguard Worker      'r',
*6777b538SAndroid Build Coastguard Worker      'o',
*6777b538SAndroid Build Coastguard Worker      'm',
*6777b538SAndroid Build Coastguard Worker      'i',
*6777b538SAndroid Build Coastguard Worker      'u',
*6777b538SAndroid Build Coastguard Worker      'm',
*6777b538SAndroid Build Coastguard Worker      0x03,
*6777b538SAndroid Build Coastguard Worker      'o',
*6777b538SAndroid Build Coastguard Worker      'r',
*6777b538SAndroid Build Coastguard Worker      'g',
*6777b538SAndroid Build Coastguard Worker      0x00,
*6777b538SAndroid Build Coastguard Worker      0x00,
*6777b538SAndroid Build Coastguard Worker      0x01,  // TYPE is A.
*6777b538SAndroid Build Coastguard Worker      0x00,
*6777b538SAndroid Build Coastguard Worker      0x01,  // CLASS is IN.
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      // Question 2
*6777b538SAndroid Build Coastguard Worker      0x0b,
*6777b538SAndroid Build Coastguard Worker      'c',
*6777b538SAndroid Build Coastguard Worker      'o',
*6777b538SAndroid Build Coastguard Worker      'd',
*6777b538SAndroid Build Coastguard Worker      'e',
*6777b538SAndroid Build Coastguard Worker      'r',
*6777b538SAndroid Build Coastguard Worker      'e',
*6777b538SAndroid Build Coastguard Worker      'v',
*6777b538SAndroid Build Coastguard Worker      'i',
*6777b538SAndroid Build Coastguard Worker      'e',
*6777b538SAndroid Build Coastguard Worker      'w',
*6777b538SAndroid Build Coastguard Worker      '2',
*6777b538SAndroid Build Coastguard Worker      0xc0,
*6777b538SAndroid Build Coastguard Worker      0x17,  // pointer to "chromium.org"
*6777b538SAndroid Build Coastguard Worker      0x00,
*6777b538SAndroid Build Coastguard Worker      0x01,  // TYPE is A.
*6777b538SAndroid Build Coastguard Worker      0x00,
*6777b538SAndroid Build Coastguard Worker      0x01,  // CLASS is IN.
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      // Answer 1
*6777b538SAndroid Build Coastguard Worker      0xc0,
*6777b538SAndroid Build Coastguard Worker      0x0c,  // NAME is a pointer to name in Question section.
*6777b538SAndroid Build Coastguard Worker      0x00,
*6777b538SAndroid Build Coastguard Worker      0x01,  // TYPE is A.
*6777b538SAndroid Build Coastguard Worker      0x00,
*6777b538SAndroid Build Coastguard Worker      0x01,  // CLASS is IN.
*6777b538SAndroid Build Coastguard Worker      0x00,
*6777b538SAndroid Build Coastguard Worker      0x00,  // TTL (4 bytes) is 53 seconds.
*6777b538SAndroid Build Coastguard Worker      0x00,
*6777b538SAndroid Build Coastguard Worker      0x35,
*6777b538SAndroid Build Coastguard Worker      0x00,
*6777b538SAndroid Build Coastguard Worker      0x04,  // RDLENGTH is 4 bytes.
*6777b538SAndroid Build Coastguard Worker      0x4a,
*6777b538SAndroid Build Coastguard Worker      0x7d,  // RDATA is the IP: 74.125.95.121
*6777b538SAndroid Build Coastguard Worker      0x5f,
*6777b538SAndroid Build Coastguard Worker      0x79,
*6777b538SAndroid Build Coastguard Worker  };
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsResponse resp;
*6777b538SAndroid Build Coastguard Worker  memcpy(resp.io_buffer()->data(), response_data, sizeof(response_data));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(resp.InitParseWithoutQuery(sizeof(response_data)));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Check header access.
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0x8180, resp.flags());
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0x0, resp.rcode());
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(2u, resp.question_count());
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0x01u, resp.answer_count());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  EXPECT_THAT(resp.dotted_qnames(),
*6777b538SAndroid Build Coastguard Worker              testing::ElementsAre("codereview.chromium.org",
*6777b538SAndroid Build Coastguard Worker                                   "codereview2.chromium.org"));
*6777b538SAndroid Build Coastguard Worker  EXPECT_THAT(resp.qtypes(),
*6777b538SAndroid Build Coastguard Worker              testing::ElementsAre(dns_protocol::kTypeA, dns_protocol::kTypeA));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsResourceRecord record;
*6777b538SAndroid Build Coastguard Worker  DnsRecordParser parser = resp.Parser();
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(parser.AtEnd());
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ("codereview.chromium.org", record.name);
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(0x35u, record.ttl);
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(dns_protocol::kTypeA, record.type);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser.AtEnd());
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(parser.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerTEST(DnsResponseTest, InitParseWithoutQueryPacketTooShort) {
*6777b538SAndroid Build Coastguard Worker  const uint8_t response_data[] = {
*6777b538SAndroid Build Coastguard Worker      // Header
*6777b538SAndroid Build Coastguard Worker      0xca, 0xfe,  // ID
*6777b538SAndroid Build Coastguard Worker      0x81, 0x80,  // Standard query response, RA, no error
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // No question
*6777b538SAndroid Build Coastguard Worker  };
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsResponse resp;
*6777b538SAndroid Build Coastguard Worker  memcpy(resp.io_buffer()->data(), response_data, sizeof(response_data));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(resp.InitParseWithoutQuery(sizeof(response_data)));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerTEST(DnsResponseTest, InitParseAllowsQuestionWithLongName) {
*6777b538SAndroid Build Coastguard Worker  const char kResponseHeader[] =
*6777b538SAndroid Build Coastguard Worker      "\x02\x45"   // ID=581
*6777b538SAndroid Build Coastguard Worker      "\x81\x80"   // Standard query response, RA, no error
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"   // 1 question
*6777b538SAndroid Build Coastguard Worker      "\x00\x00"   // 0 answers
*6777b538SAndroid Build Coastguard Worker      "\x00\x00"   // 0 authority records
*6777b538SAndroid Build Coastguard Worker      "\x00\x00";  // 0 additional records
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  std::string dotted_name;
*6777b538SAndroid Build Coastguard Worker  const std::vector<uint8_t> dns_name =
*6777b538SAndroid Build Coastguard Worker      BuildRfc1034Name(dns_protocol::kMaxNameLength, &dotted_name);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  std::string response_data(kResponseHeader, sizeof(kResponseHeader) - 1);
*6777b538SAndroid Build Coastguard Worker  response_data.append(reinterpret_cast<const char*>(dns_name.data()),
*6777b538SAndroid Build Coastguard Worker                       dns_name.size());
*6777b538SAndroid Build Coastguard Worker  response_data.append(
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"   // TYPE=A
*6777b538SAndroid Build Coastguard Worker      "\x00\x01",  // CLASS=IN)
*6777b538SAndroid Build Coastguard Worker      4);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsResponse resp1;
*6777b538SAndroid Build Coastguard Worker  memcpy(resp1.io_buffer()->data(), response_data.data(), response_data.size());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(resp1.InitParseWithoutQuery(response_data.size()));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsQuery query(581, dns_name, dns_protocol::kTypeA);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsResponse resp2(resp1.io_buffer(), response_data.size());
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(resp2.InitParse(response_data.size(), query));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// Tests against incorrect name length validation, which is anti-pattern #3 from
*6777b538SAndroid Build Coastguard Worker// the "NAME:WRECK" report:
*6777b538SAndroid Build Coastguard Worker// https://www.forescout.com/company/resources/namewreck-breaking-and-fixing-dns-implementations/
*6777b538SAndroid Build Coastguard WorkerTEST(DnsResponseTest, InitParseRejectsQuestionWithTooLongName) {
*6777b538SAndroid Build Coastguard Worker  const char kResponseHeader[] =
*6777b538SAndroid Build Coastguard Worker      "\x02\x45"   // ID=581
*6777b538SAndroid Build Coastguard Worker      "\x81\x80"   // Standard query response, RA, no error
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"   // 1 question
*6777b538SAndroid Build Coastguard Worker      "\x00\x00"   // 0 answers
*6777b538SAndroid Build Coastguard Worker      "\x00\x00"   // 0 authority records
*6777b538SAndroid Build Coastguard Worker      "\x00\x00";  // 0 additional records
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  std::string dotted_name;
*6777b538SAndroid Build Coastguard Worker  const std::vector<uint8_t> dns_name =
*6777b538SAndroid Build Coastguard Worker      BuildRfc1034Name(dns_protocol::kMaxNameLength + 1, &dotted_name);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  std::string response_data(kResponseHeader, sizeof(kResponseHeader) - 1);
*6777b538SAndroid Build Coastguard Worker  response_data.append(reinterpret_cast<const char*>(dns_name.data()),
*6777b538SAndroid Build Coastguard Worker                       dns_name.size());
*6777b538SAndroid Build Coastguard Worker  response_data.append(
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"   // TYPE=A
*6777b538SAndroid Build Coastguard Worker      "\x00\x01",  // CLASS=IN)
*6777b538SAndroid Build Coastguard Worker      4);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsResponse resp;
*6777b538SAndroid Build Coastguard Worker  memcpy(resp.io_buffer()->data(), response_data.data(), response_data.size());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(resp.InitParseWithoutQuery(response_data.size()));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Note that `DnsQuery` disallows construction without a valid name, so
*6777b538SAndroid Build Coastguard Worker  // `InitParse()` can never be tested with a `query` that matches against a
*6777b538SAndroid Build Coastguard Worker  // too-long name in the response. Test with an arbitrary valid query name to
*6777b538SAndroid Build Coastguard Worker  // ensure no issues if this code is exercised after receiving a response with
*6777b538SAndroid Build Coastguard Worker  // a too-long name.
*6777b538SAndroid Build Coastguard Worker  const char kQueryName[] = "\005query\004test";
*6777b538SAndroid Build Coastguard Worker  DnsQuery query(
*6777b538SAndroid Build Coastguard Worker      /*id=*/581, base::as_byte_span(kQueryName), dns_protocol::kTypeA);
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(resp.InitParse(response_data.size(), query));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// Test that `InitParse[...]()` rejects a response with a question name
*6777b538SAndroid Build Coastguard Worker// extending past the end of the response.
*6777b538SAndroid Build Coastguard Worker// Tests against incorrect name length validation, which is anti-pattern #3 from
*6777b538SAndroid Build Coastguard Worker// the "NAME:WRECK" report:
*6777b538SAndroid Build Coastguard Worker// https://www.forescout.com/company/resources/namewreck-breaking-and-fixing-dns-implementations/
*6777b538SAndroid Build Coastguard WorkerTEST(DnsResponseTest, InitParseRejectsQuestionWithNonendedName) {
*6777b538SAndroid Build Coastguard Worker  const char kResponse[] =
*6777b538SAndroid Build Coastguard Worker      "\x02\x45"                    // ID
*6777b538SAndroid Build Coastguard Worker      "\x81\x80"                    // Standard query response, RA, no error
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"                    // 1 question
*6777b538SAndroid Build Coastguard Worker      "\x00\x00"                    // 0 answers
*6777b538SAndroid Build Coastguard Worker      "\x00\x00"                    // 0 authority records
*6777b538SAndroid Build Coastguard Worker      "\x00\x00"                    // 0 additional records
*6777b538SAndroid Build Coastguard Worker      "\003www\006google\006test";  // Name extending past the end.
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsResponse resp;
*6777b538SAndroid Build Coastguard Worker  memcpy(resp.io_buffer()->data(), kResponse, sizeof(kResponse) - 1);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(resp.InitParseWithoutQuery(sizeof(kResponse) - 1));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  const char kQueryName[] = "\003www\006google\006testtt";
*6777b538SAndroid Build Coastguard Worker  DnsQuery query(
*6777b538SAndroid Build Coastguard Worker      /*id=*/581, base::as_byte_span(kQueryName), dns_protocol::kTypeA);
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(resp.InitParse(sizeof(kResponse) - 1, query));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// Test that `InitParse[...]()` rejects responses that do not contain at least
*6777b538SAndroid Build Coastguard Worker// the claimed number of questions.
*6777b538SAndroid Build Coastguard Worker// Tests against incorrect record count field validation, which is anti-pattern
*6777b538SAndroid Build Coastguard Worker// #5 from the "NAME:WRECK" report:
*6777b538SAndroid Build Coastguard Worker// https://www.forescout.com/company/resources/namewreck-breaking-and-fixing-dns-implementations/
*6777b538SAndroid Build Coastguard WorkerTEST(DnsResponseTest, InitParseRejectsResponseWithMissingQuestions) {
*6777b538SAndroid Build Coastguard Worker  const char kResponse[] =
*6777b538SAndroid Build Coastguard Worker      "\x02\x45"                       // ID
*6777b538SAndroid Build Coastguard Worker      "\x81\x80"                       // Standard query response, RA, no error
*6777b538SAndroid Build Coastguard Worker      "\x00\x03"                       // 3 questions
*6777b538SAndroid Build Coastguard Worker      "\x00\x00"                       // 0 answers
*6777b538SAndroid Build Coastguard Worker      "\x00\x00"                       // 0 authority records
*6777b538SAndroid Build Coastguard Worker      "\x00\x00"                       // 0 additional records
*6777b538SAndroid Build Coastguard Worker      "\003www\006google\004test\000"  // www.google.test
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"                       // TYPE=A
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"                       // CLASS=IN
*6777b538SAndroid Build Coastguard Worker      "\003www\010chromium\004test\000"  // www.chromium.test
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"                         // TYPE=A
*6777b538SAndroid Build Coastguard Worker      "\x00\x01";                        // CLASS=IN
*6777b538SAndroid Build Coastguard Worker  // Missing third question.
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsResponse resp;
*6777b538SAndroid Build Coastguard Worker  memcpy(resp.io_buffer()->data(), kResponse, sizeof(kResponse) - 1);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(resp.InitParseWithoutQuery(sizeof(kResponse) - 1));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  const char kQueryName[] = "\003www\006google\004test";
*6777b538SAndroid Build Coastguard Worker  DnsQuery query(
*6777b538SAndroid Build Coastguard Worker      /*id=*/581, base::as_byte_span(kQueryName), dns_protocol::kTypeA);
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(resp.InitParse(sizeof(kResponse) - 1, query));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// Test that a parsed DnsResponse only allows parsing the number of records
*6777b538SAndroid Build Coastguard Worker// claimed in the response header.
*6777b538SAndroid Build Coastguard Worker// Tests against incorrect record count field validation, which is anti-pattern
*6777b538SAndroid Build Coastguard Worker// #5 from the "NAME:WRECK" report:
*6777b538SAndroid Build Coastguard Worker// https://www.forescout.com/company/resources/namewreck-breaking-and-fixing-dns-implementations/
*6777b538SAndroid Build Coastguard WorkerTEST(DnsResponseTest, ParserLimitedToNumClaimedRecords) {
*6777b538SAndroid Build Coastguard Worker  const char kResponse[] =
*6777b538SAndroid Build Coastguard Worker      "\x02\x45"  // ID
*6777b538SAndroid Build Coastguard Worker      "\x81\x80"  // Standard query response, RA, no error
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"  // 1 question
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"  // 1 answers
*6777b538SAndroid Build Coastguard Worker      "\x00\x02"  // 2 authority records
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"  // 1 additional records
*6777b538SAndroid Build Coastguard Worker      "\003www\006google\004test\000"
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"  // TYPE=A
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"  // CLASS=IN
*6777b538SAndroid Build Coastguard Worker      // 6 total records.
*6777b538SAndroid Build Coastguard Worker      "\003www\006google\004test\000"
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"          // TYPE=A
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"          // CLASS=IN
*6777b538SAndroid Build Coastguard Worker      "\x00\x01\x51\x80"  // TTL=1 day
*6777b538SAndroid Build Coastguard Worker      "\x00\x04"          // RDLENGTH=4 bytes
*6777b538SAndroid Build Coastguard Worker      "\xc0\xa8\x00\x01"  // 192.168.0.1
*6777b538SAndroid Build Coastguard Worker      "\003www\010chromium\004test\000"
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"          // TYPE=A
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"          // CLASS=IN
*6777b538SAndroid Build Coastguard Worker      "\x00\x01\x51\x80"  // TTL=1 day
*6777b538SAndroid Build Coastguard Worker      "\x00\x04"          // RDLENGTH=4 bytes
*6777b538SAndroid Build Coastguard Worker      "\xc0\xa8\x00\x02"  // 192.168.0.2
*6777b538SAndroid Build Coastguard Worker      "\003www\007google1\004test\000"
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"          // TYPE=A
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"          // CLASS=IN
*6777b538SAndroid Build Coastguard Worker      "\x00\x01\x51\x80"  // TTL=1 day
*6777b538SAndroid Build Coastguard Worker      "\x00\x04"          // RDLENGTH=4 bytes
*6777b538SAndroid Build Coastguard Worker      "\xc0\xa8\x00\x03"  // 192.168.0.3
*6777b538SAndroid Build Coastguard Worker      "\003www\011chromium1\004test\000"
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"          // TYPE=A
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"          // CLASS=IN
*6777b538SAndroid Build Coastguard Worker      "\x00\x01\x51\x80"  // TTL=1 day
*6777b538SAndroid Build Coastguard Worker      "\x00\x04"          // RDLENGTH=4 bytes
*6777b538SAndroid Build Coastguard Worker      "\xc0\xa8\x00\x04"  // 192.168.0.4
*6777b538SAndroid Build Coastguard Worker      "\003www\007google2\004test\000"
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"          // TYPE=A
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"          // CLASS=IN
*6777b538SAndroid Build Coastguard Worker      "\x00\x01\x51\x80"  // TTL=1 day
*6777b538SAndroid Build Coastguard Worker      "\x00\x04"          // RDLENGTH=4 bytes
*6777b538SAndroid Build Coastguard Worker      "\xc0\xa8\x00\x05"  // 192.168.0.5
*6777b538SAndroid Build Coastguard Worker      "\003www\011chromium2\004test\000"
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"           // TYPE=A
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"           // CLASS=IN
*6777b538SAndroid Build Coastguard Worker      "\x00\x01\x51\x80"   // TTL=1 day
*6777b538SAndroid Build Coastguard Worker      "\x00\x04"           // RDLENGTH=4 bytes
*6777b538SAndroid Build Coastguard Worker      "\xc0\xa8\x00\x06";  // 192.168.0.6
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsResponse resp1;
*6777b538SAndroid Build Coastguard Worker  memcpy(resp1.io_buffer()->data(), kResponse, sizeof(kResponse) - 1);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  ASSERT_TRUE(resp1.InitParseWithoutQuery(sizeof(kResponse) - 1));
*6777b538SAndroid Build Coastguard Worker  DnsRecordParser parser1 = resp1.Parser();
*6777b538SAndroid Build Coastguard Worker  ASSERT_TRUE(parser1.IsValid());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Response header only claims 4 records, so expect parser to only allow
*6777b538SAndroid Build Coastguard Worker  // parsing that many, ignoring extra records in the data.
*6777b538SAndroid Build Coastguard Worker  DnsResourceRecord record;
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser1.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser1.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser1.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser1.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(parser1.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(parser1.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Repeat using InitParse()
*6777b538SAndroid Build Coastguard Worker  DnsResponse resp2;
*6777b538SAndroid Build Coastguard Worker  memcpy(resp2.io_buffer()->data(), kResponse, sizeof(kResponse) - 1);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  const char kQueryName[] = "\003www\006google\004test";
*6777b538SAndroid Build Coastguard Worker  DnsQuery query(
*6777b538SAndroid Build Coastguard Worker      /*id=*/581, base::as_byte_span(kQueryName), dns_protocol::kTypeA);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  ASSERT_TRUE(resp2.InitParse(sizeof(kResponse) - 1, query));
*6777b538SAndroid Build Coastguard Worker  DnsRecordParser parser2 = resp2.Parser();
*6777b538SAndroid Build Coastguard Worker  ASSERT_TRUE(parser2.IsValid());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Response header only claims 4 records, so expect parser to only allow
*6777b538SAndroid Build Coastguard Worker  // parsing that many, ignoring extra records in the data.
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser2.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser2.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser2.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser2.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(parser2.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(parser2.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// Test that a parsed DnsResponse does not allow parsing past the end of the
*6777b538SAndroid Build Coastguard Worker// input, even if more records are claimed in the response header.
*6777b538SAndroid Build Coastguard Worker// Tests against incorrect record count field validation, which is anti-pattern
*6777b538SAndroid Build Coastguard Worker// #5 from the "NAME:WRECK" report:
*6777b538SAndroid Build Coastguard Worker// https://www.forescout.com/company/resources/namewreck-breaking-and-fixing-dns-implementations/
*6777b538SAndroid Build Coastguard WorkerTEST(DnsResponseTest, ParserLimitedToBufferSize) {
*6777b538SAndroid Build Coastguard Worker  const char kResponse[] =
*6777b538SAndroid Build Coastguard Worker      "\x02\x45"  // ID
*6777b538SAndroid Build Coastguard Worker      "\x81\x80"  // Standard query response, RA, no error
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"  // 1 question
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"  // 1 answers
*6777b538SAndroid Build Coastguard Worker      "\x00\x02"  // 2 authority records
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"  // 1 additional records
*6777b538SAndroid Build Coastguard Worker      "\003www\006google\004test\000"
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"  // TYPE=A
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"  // CLASS=IN
*6777b538SAndroid Build Coastguard Worker      // 2 total records.
*6777b538SAndroid Build Coastguard Worker      "\003www\006google\004test\000"
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"          // TYPE=A
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"          // CLASS=IN
*6777b538SAndroid Build Coastguard Worker      "\x00\x01\x51\x80"  // TTL=1 day
*6777b538SAndroid Build Coastguard Worker      "\x00\x04"          // RDLENGTH=4 bytes
*6777b538SAndroid Build Coastguard Worker      "\xc0\xa8\x00\x01"  // 192.168.0.1
*6777b538SAndroid Build Coastguard Worker      "\003www\010chromium\004test\000"
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"           // TYPE=A
*6777b538SAndroid Build Coastguard Worker      "\x00\x01"           // CLASS=IN
*6777b538SAndroid Build Coastguard Worker      "\x00\x01\x51\x80"   // TTL=1 day
*6777b538SAndroid Build Coastguard Worker      "\x00\x04"           // RDLENGTH=4 bytes
*6777b538SAndroid Build Coastguard Worker      "\xc0\xa8\x00\x02";  // 192.168.0.2
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsResponse resp1;
*6777b538SAndroid Build Coastguard Worker  memcpy(resp1.io_buffer()->data(), kResponse, sizeof(kResponse) - 1);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  ASSERT_TRUE(resp1.InitParseWithoutQuery(sizeof(kResponse) - 1));
*6777b538SAndroid Build Coastguard Worker  DnsRecordParser parser1 = resp1.Parser();
*6777b538SAndroid Build Coastguard Worker  ASSERT_TRUE(parser1.IsValid());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Response header claims 4 records, but only 2 present in input.
*6777b538SAndroid Build Coastguard Worker  DnsResourceRecord record;
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser1.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser1.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(parser1.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(parser1.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Repeat using InitParse()
*6777b538SAndroid Build Coastguard Worker  DnsResponse resp2;
*6777b538SAndroid Build Coastguard Worker  memcpy(resp2.io_buffer()->data(), kResponse, sizeof(kResponse) - 1);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  ASSERT_TRUE(resp2.InitParseWithoutQuery(sizeof(kResponse) - 1));
*6777b538SAndroid Build Coastguard Worker  DnsRecordParser parser2 = resp2.Parser();
*6777b538SAndroid Build Coastguard Worker  ASSERT_TRUE(parser2.IsValid());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Response header claims 4 records, but only 2 present in input.
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser2.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser2.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(parser2.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker  EXPECT_FALSE(parser2.ReadRecord(&record));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerTEST(DnsResponseWriteTest, SingleARecordAnswer) {
*6777b538SAndroid Build Coastguard Worker  const uint8_t response_data[] = {
*6777b538SAndroid Build Coastguard Worker      0x12, 0x34,  // ID
*6777b538SAndroid Build Coastguard Worker      0x84, 0x00,  // flags, response with authoritative answer
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // number of questions
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // number of answer rr
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // number of name server rr
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // number of additional rr
*6777b538SAndroid Build Coastguard Worker      0x03, 'w',  'w',  'w',  0x07, 'e', 'x', 'a',
*6777b538SAndroid Build Coastguard Worker      'm',  'p',  'l',  'e',  0x03, 'c', 'o', 'm',
*6777b538SAndroid Build Coastguard Worker      0x00,                    // null label
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,              // type A Record
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,              // class IN
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00, 0x00, 0x78,  // TTL, 120 seconds
*6777b538SAndroid Build Coastguard Worker      0x00, 0x04,              // rdlength, 32 bits
*6777b538SAndroid Build Coastguard Worker      0xc0, 0xa8, 0x00, 0x01,  // 192.168.0.1
*6777b538SAndroid Build Coastguard Worker  };
*6777b538SAndroid Build Coastguard Worker  net::DnsResourceRecord answer;
*6777b538SAndroid Build Coastguard Worker  answer.name = "www.example.com";
*6777b538SAndroid Build Coastguard Worker  answer.type = dns_protocol::kTypeA;
*6777b538SAndroid Build Coastguard Worker  answer.klass = dns_protocol::kClassIN;
*6777b538SAndroid Build Coastguard Worker  answer.ttl = 120;  // 120 seconds.
*6777b538SAndroid Build Coastguard Worker  answer.SetOwnedRdata(std::string("\xc0\xa8\x00\x01", 4));
*6777b538SAndroid Build Coastguard Worker  std::vector<DnsResourceRecord> answers(1, answer);
*6777b538SAndroid Build Coastguard Worker  DnsResponse response(0x1234 /* response_id */, true /* is_authoritative*/,
*6777b538SAndroid Build Coastguard Worker                       answers, {} /* authority_records */,
*6777b538SAndroid Build Coastguard Worker                       {} /* additional records */, std::nullopt);
*6777b538SAndroid Build Coastguard Worker  ASSERT_NE(nullptr, response.io_buffer());
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(response.IsValid());
*6777b538SAndroid Build Coastguard Worker  std::string expected_response(reinterpret_cast<const char*>(response_data),
*6777b538SAndroid Build Coastguard Worker                                sizeof(response_data));
*6777b538SAndroid Build Coastguard Worker  std::string actual_response(response.io_buffer()->data(),
*6777b538SAndroid Build Coastguard Worker                              response.io_buffer_size());
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(expected_response, actual_response);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerTEST(DnsResponseWriteTest, SingleARecordAnswerWithFinalDotInName) {
*6777b538SAndroid Build Coastguard Worker  const uint8_t response_data[] = {
*6777b538SAndroid Build Coastguard Worker      0x12, 0x34,  // ID
*6777b538SAndroid Build Coastguard Worker      0x84, 0x00,  // flags, response with authoritative answer
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // number of questions
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // number of answer rr
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // number of name server rr
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // number of additional rr
*6777b538SAndroid Build Coastguard Worker      0x03, 'w',  'w',  'w',  0x07, 'e', 'x', 'a',
*6777b538SAndroid Build Coastguard Worker      'm',  'p',  'l',  'e',  0x03, 'c', 'o', 'm',
*6777b538SAndroid Build Coastguard Worker      0x00,                    // null label
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,              // type A Record
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,              // class IN
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00, 0x00, 0x78,  // TTL, 120 seconds
*6777b538SAndroid Build Coastguard Worker      0x00, 0x04,              // rdlength, 32 bits
*6777b538SAndroid Build Coastguard Worker      0xc0, 0xa8, 0x00, 0x01,  // 192.168.0.1
*6777b538SAndroid Build Coastguard Worker  };
*6777b538SAndroid Build Coastguard Worker  net::DnsResourceRecord answer;
*6777b538SAndroid Build Coastguard Worker  answer.name = "www.example.com.";  // FQDN with the final dot.
*6777b538SAndroid Build Coastguard Worker  answer.type = dns_protocol::kTypeA;
*6777b538SAndroid Build Coastguard Worker  answer.klass = dns_protocol::kClassIN;
*6777b538SAndroid Build Coastguard Worker  answer.ttl = 120;  // 120 seconds.
*6777b538SAndroid Build Coastguard Worker  answer.SetOwnedRdata(std::string("\xc0\xa8\x00\x01", 4));
*6777b538SAndroid Build Coastguard Worker  std::vector<DnsResourceRecord> answers(1, answer);
*6777b538SAndroid Build Coastguard Worker  DnsResponse response(0x1234 /* response_id */, true /* is_authoritative*/,
*6777b538SAndroid Build Coastguard Worker                       answers, {} /* authority_records */,
*6777b538SAndroid Build Coastguard Worker                       {} /* additional records */, std::nullopt);
*6777b538SAndroid Build Coastguard Worker  ASSERT_NE(nullptr, response.io_buffer());
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(response.IsValid());
*6777b538SAndroid Build Coastguard Worker  std::string expected_response(reinterpret_cast<const char*>(response_data),
*6777b538SAndroid Build Coastguard Worker                                sizeof(response_data));
*6777b538SAndroid Build Coastguard Worker  std::string actual_response(response.io_buffer()->data(),
*6777b538SAndroid Build Coastguard Worker                              response.io_buffer_size());
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(expected_response, actual_response);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerTEST(DnsResponseWriteTest, SingleARecordAnswerWithQuestion) {
*6777b538SAndroid Build Coastguard Worker  const uint8_t response_data[] = {
*6777b538SAndroid Build Coastguard Worker      0x12, 0x34,  // ID
*6777b538SAndroid Build Coastguard Worker      0x84, 0x00,  // flags, response with authoritative answer
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // number of questions
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // number of answer rr
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // number of name server rr
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // number of additional rr
*6777b538SAndroid Build Coastguard Worker      0x03, 'w',  'w',  'w',  0x07, 'e', 'x', 'a',
*6777b538SAndroid Build Coastguard Worker      'm',  'p',  'l',  'e',  0x03, 'c', 'o', 'm',
*6777b538SAndroid Build Coastguard Worker      0x00,        // null label
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // type A Record
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // class IN
*6777b538SAndroid Build Coastguard Worker      0x03, 'w',  'w',  'w',  0x07, 'e', 'x', 'a',
*6777b538SAndroid Build Coastguard Worker      'm',  'p',  'l',  'e',  0x03, 'c', 'o', 'm',
*6777b538SAndroid Build Coastguard Worker      0x00,                    // null label
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,              // type A Record
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,              // class IN
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00, 0x00, 0x78,  // TTL, 120 seconds
*6777b538SAndroid Build Coastguard Worker      0x00, 0x04,              // rdlength, 32 bits
*6777b538SAndroid Build Coastguard Worker      0xc0, 0xa8, 0x00, 0x01,  // 192.168.0.1
*6777b538SAndroid Build Coastguard Worker  };
*6777b538SAndroid Build Coastguard Worker  std::string dotted_name("www.example.com");
*6777b538SAndroid Build Coastguard Worker  std::optional<std::vector<uint8_t>> dns_name =
*6777b538SAndroid Build Coastguard Worker      dns_names_util::DottedNameToNetwork(dotted_name);
*6777b538SAndroid Build Coastguard Worker  ASSERT_TRUE(dns_name.has_value());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  OptRecordRdata opt_rdata;
*6777b538SAndroid Build Coastguard Worker  opt_rdata.AddOpt(
*6777b538SAndroid Build Coastguard Worker      OptRecordRdata::UnknownOpt::CreateForTesting(255, "\xde\xad\xbe\xef"));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  std::optional<DnsQuery> query;
*6777b538SAndroid Build Coastguard Worker  query.emplace(0x1234 /* id */, dns_name.value(), dns_protocol::kTypeA,
*6777b538SAndroid Build Coastguard Worker                &opt_rdata);
*6777b538SAndroid Build Coastguard Worker  net::DnsResourceRecord answer;
*6777b538SAndroid Build Coastguard Worker  answer.name = dotted_name;
*6777b538SAndroid Build Coastguard Worker  answer.type = dns_protocol::kTypeA;
*6777b538SAndroid Build Coastguard Worker  answer.klass = dns_protocol::kClassIN;
*6777b538SAndroid Build Coastguard Worker  answer.ttl = 120;  // 120 seconds.
*6777b538SAndroid Build Coastguard Worker  answer.SetOwnedRdata(std::string("\xc0\xa8\x00\x01", 4));
*6777b538SAndroid Build Coastguard Worker  std::vector<DnsResourceRecord> answers(1, answer);
*6777b538SAndroid Build Coastguard Worker  DnsResponse response(0x1234 /* id */, true /* is_authoritative*/, answers,
*6777b538SAndroid Build Coastguard Worker                       {} /* authority_records */, {} /* additional records */,
*6777b538SAndroid Build Coastguard Worker                       query);
*6777b538SAndroid Build Coastguard Worker  ASSERT_NE(nullptr, response.io_buffer());
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(response.IsValid());
*6777b538SAndroid Build Coastguard Worker  std::string expected_response(reinterpret_cast<const char*>(response_data),
*6777b538SAndroid Build Coastguard Worker                                sizeof(response_data));
*6777b538SAndroid Build Coastguard Worker  std::string actual_response(response.io_buffer()->data(),
*6777b538SAndroid Build Coastguard Worker                              response.io_buffer_size());
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(expected_response, actual_response);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerTEST(DnsResponseWriteTest,
*6777b538SAndroid Build Coastguard Worker     SingleAnswerWithQuestionConstructedFromSizeInflatedQuery) {
*6777b538SAndroid Build Coastguard Worker  const uint8_t response_data[] = {
*6777b538SAndroid Build Coastguard Worker      0x12, 0x34,  // ID
*6777b538SAndroid Build Coastguard Worker      0x84, 0x00,  // flags, response with authoritative answer
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // number of questions
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // number of answer rr
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // number of name server rr
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // number of additional rr
*6777b538SAndroid Build Coastguard Worker      0x03, 'w',  'w',  'w',  0x07, 'e', 'x', 'a',
*6777b538SAndroid Build Coastguard Worker      'm',  'p',  'l',  'e',  0x03, 'c', 'o', 'm',
*6777b538SAndroid Build Coastguard Worker      0x00,        // null label
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // type A Record
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // class IN
*6777b538SAndroid Build Coastguard Worker      0x03, 'w',  'w',  'w',  0x07, 'e', 'x', 'a',
*6777b538SAndroid Build Coastguard Worker      'm',  'p',  'l',  'e',  0x03, 'c', 'o', 'm',
*6777b538SAndroid Build Coastguard Worker      0x00,                    // null label
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,              // type A Record
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,              // class IN
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00, 0x00, 0x78,  // TTL, 120 seconds
*6777b538SAndroid Build Coastguard Worker      0x00, 0x04,              // rdlength, 32 bits
*6777b538SAndroid Build Coastguard Worker      0xc0, 0xa8, 0x00, 0x01,  // 192.168.0.1
*6777b538SAndroid Build Coastguard Worker  };
*6777b538SAndroid Build Coastguard Worker  std::string dotted_name("www.example.com");
*6777b538SAndroid Build Coastguard Worker  std::optional<std::vector<uint8_t>> dns_name =
*6777b538SAndroid Build Coastguard Worker      dns_names_util::DottedNameToNetwork(dotted_name);
*6777b538SAndroid Build Coastguard Worker  ASSERT_TRUE(dns_name.has_value());
*6777b538SAndroid Build Coastguard Worker  size_t buf_size =
*6777b538SAndroid Build Coastguard Worker      sizeof(dns_protocol::Header) + dns_name.value().size() + 2 /* qtype */ +
*6777b538SAndroid Build Coastguard Worker      2 /* qclass */ +
*6777b538SAndroid Build Coastguard Worker      10 /* extra bytes that inflate the internal buffer of a query */;
*6777b538SAndroid Build Coastguard Worker  auto buf = base::MakeRefCounted<IOBufferWithSize>(buf_size);
*6777b538SAndroid Build Coastguard Worker  std::ranges::fill(buf->span(), char{0});
*6777b538SAndroid Build Coastguard Worker  auto writer = base::SpanWriter(base::as_writable_bytes(buf->span()));
*6777b538SAndroid Build Coastguard Worker  writer.WriteU16BigEndian(0x1234);                  // id
*6777b538SAndroid Build Coastguard Worker  writer.WriteU16BigEndian(0);                       // flags, is query
*6777b538SAndroid Build Coastguard Worker  writer.WriteU16BigEndian(1);                       // qdcount
*6777b538SAndroid Build Coastguard Worker  writer.WriteU16BigEndian(0);                       // ancount
*6777b538SAndroid Build Coastguard Worker  writer.WriteU16BigEndian(0);                       // nscount
*6777b538SAndroid Build Coastguard Worker  writer.WriteU16BigEndian(0);                       // arcount
*6777b538SAndroid Build Coastguard Worker  writer.Write(dns_name.value());                    // qname
*6777b538SAndroid Build Coastguard Worker  writer.WriteU16BigEndian(dns_protocol::kTypeA);    // qtype
*6777b538SAndroid Build Coastguard Worker  writer.WriteU16BigEndian(dns_protocol::kClassIN);  // qclass
*6777b538SAndroid Build Coastguard Worker  // buf contains 10 extra zero bytes.
*6777b538SAndroid Build Coastguard Worker  std::optional<DnsQuery> query;
*6777b538SAndroid Build Coastguard Worker  query.emplace(buf);
*6777b538SAndroid Build Coastguard Worker  query->Parse(buf_size);
*6777b538SAndroid Build Coastguard Worker  net::DnsResourceRecord answer;
*6777b538SAndroid Build Coastguard Worker  answer.name = dotted_name;
*6777b538SAndroid Build Coastguard Worker  answer.type = dns_protocol::kTypeA;
*6777b538SAndroid Build Coastguard Worker  answer.klass = dns_protocol::kClassIN;
*6777b538SAndroid Build Coastguard Worker  answer.ttl = 120;  // 120 seconds.
*6777b538SAndroid Build Coastguard Worker  answer.SetOwnedRdata(std::string("\xc0\xa8\x00\x01", 4));
*6777b538SAndroid Build Coastguard Worker  std::vector<DnsResourceRecord> answers(1, answer);
*6777b538SAndroid Build Coastguard Worker  DnsResponse response(0x1234 /* id */, true /* is_authoritative*/, answers,
*6777b538SAndroid Build Coastguard Worker                       {} /* authority_records */, {} /* additional records */,
*6777b538SAndroid Build Coastguard Worker                       query);
*6777b538SAndroid Build Coastguard Worker  ASSERT_NE(nullptr, response.io_buffer());
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(response.IsValid());
*6777b538SAndroid Build Coastguard Worker  std::string expected_response(reinterpret_cast<const char*>(response_data),
*6777b538SAndroid Build Coastguard Worker                                sizeof(response_data));
*6777b538SAndroid Build Coastguard Worker  std::string actual_response(response.io_buffer()->data(),
*6777b538SAndroid Build Coastguard Worker                              response.io_buffer_size());
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(expected_response, actual_response);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerTEST(DnsResponseWriteTest, SingleQuadARecordAnswer) {
*6777b538SAndroid Build Coastguard Worker  const uint8_t response_data[] = {
*6777b538SAndroid Build Coastguard Worker      0x12, 0x34,  // ID
*6777b538SAndroid Build Coastguard Worker      0x84, 0x00,  // flags, response with authoritative answer
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // number of questions
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // number of answer rr
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // number of name server rr
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // number of additional rr
*6777b538SAndroid Build Coastguard Worker      0x03, 'w',  'w',  'w',  0x07, 'e',  'x',  'a',
*6777b538SAndroid Build Coastguard Worker      'm',  'p',  'l',  'e',  0x03, 'c',  'o',  'm',
*6777b538SAndroid Build Coastguard Worker      0x00,                                            // null label
*6777b538SAndroid Build Coastguard Worker      0x00, 0x1c,                                      // type AAAA Record
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,                                      // class IN
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00, 0x00, 0x78,                          // TTL, 120 seconds
*6777b538SAndroid Build Coastguard Worker      0x00, 0x10,                                      // rdlength, 128 bits
*6777b538SAndroid Build Coastguard Worker      0xfd, 0x12, 0x34, 0x56, 0x78, 0x9a, 0x00, 0x01,  // fd12:3456:789a:1::1
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
*6777b538SAndroid Build Coastguard Worker  };
*6777b538SAndroid Build Coastguard Worker  net::DnsResourceRecord answer;
*6777b538SAndroid Build Coastguard Worker  answer.name = "www.example.com";
*6777b538SAndroid Build Coastguard Worker  answer.type = dns_protocol::kTypeAAAA;
*6777b538SAndroid Build Coastguard Worker  answer.klass = dns_protocol::kClassIN;
*6777b538SAndroid Build Coastguard Worker  answer.ttl = 120;  // 120 seconds.
*6777b538SAndroid Build Coastguard Worker  answer.SetOwnedRdata(std::string(
*6777b538SAndroid Build Coastguard Worker      "\xfd\x12\x34\x56\x78\x9a\x00\x01\x00\x00\x00\x00\x00\x00\x00\x01", 16));
*6777b538SAndroid Build Coastguard Worker  std::vector<DnsResourceRecord> answers(1, answer);
*6777b538SAndroid Build Coastguard Worker  DnsResponse response(0x1234 /* id */, true /* is_authoritative*/, answers,
*6777b538SAndroid Build Coastguard Worker                       {} /* authority_records */, {} /* additional records */,
*6777b538SAndroid Build Coastguard Worker                       std::nullopt);
*6777b538SAndroid Build Coastguard Worker  ASSERT_NE(nullptr, response.io_buffer());
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(response.IsValid());
*6777b538SAndroid Build Coastguard Worker  std::string expected_response(reinterpret_cast<const char*>(response_data),
*6777b538SAndroid Build Coastguard Worker                                sizeof(response_data));
*6777b538SAndroid Build Coastguard Worker  std::string actual_response(response.io_buffer()->data(),
*6777b538SAndroid Build Coastguard Worker                              response.io_buffer_size());
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(expected_response, actual_response);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerTEST(DnsResponseWriteTest,
*6777b538SAndroid Build Coastguard Worker     SingleARecordAnswerWithQuestionAndNsecAdditionalRecord) {
*6777b538SAndroid Build Coastguard Worker  const uint8_t response_data[] = {
*6777b538SAndroid Build Coastguard Worker      0x12, 0x34,  // ID
*6777b538SAndroid Build Coastguard Worker      0x84, 0x00,  // flags, response with authoritative answer
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // number of questions
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // number of answer rr
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // number of name server rr
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // number of additional rr
*6777b538SAndroid Build Coastguard Worker      0x03, 'w',  'w',  'w',  0x07, 'e', 'x', 'a',
*6777b538SAndroid Build Coastguard Worker      'm',  'p',  'l',  'e',  0x03, 'c', 'o', 'm',
*6777b538SAndroid Build Coastguard Worker      0x00,        // null label
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // type A Record
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // class IN
*6777b538SAndroid Build Coastguard Worker      0x03, 'w',  'w',  'w',  0x07, 'e', 'x', 'a',
*6777b538SAndroid Build Coastguard Worker      'm',  'p',  'l',  'e',  0x03, 'c', 'o', 'm',
*6777b538SAndroid Build Coastguard Worker      0x00,                    // null label
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,              // type A Record
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,              // class IN
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00, 0x00, 0x78,  // TTL, 120 seconds
*6777b538SAndroid Build Coastguard Worker      0x00, 0x04,              // rdlength, 32 bits
*6777b538SAndroid Build Coastguard Worker      0xc0, 0xa8, 0x00, 0x01,  // 192.168.0.1
*6777b538SAndroid Build Coastguard Worker      0x03, 'w',  'w',  'w',  0x07, 'e', 'x', 'a',
*6777b538SAndroid Build Coastguard Worker      'm',  'p',  'l',  'e',  0x03, 'c', 'o', 'm',
*6777b538SAndroid Build Coastguard Worker      0x00,                    // null label
*6777b538SAndroid Build Coastguard Worker      0x00, 0x2f,              // type NSEC Record
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,              // class IN
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00, 0x00, 0x78,  // TTL, 120 seconds
*6777b538SAndroid Build Coastguard Worker      0x00, 0x05,              // rdlength, 5 bytes
*6777b538SAndroid Build Coastguard Worker      0xc0, 0x0c,              // pointer to the previous "www.example.com"
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01, 0x40,        // type bit map of type A: window block 0, bitmap
*6777b538SAndroid Build Coastguard Worker                               // length 1, bitmap with bit 1 set
*6777b538SAndroid Build Coastguard Worker  };
*6777b538SAndroid Build Coastguard Worker  std::string dotted_name("www.example.com");
*6777b538SAndroid Build Coastguard Worker  std::optional<std::vector<uint8_t>> dns_name =
*6777b538SAndroid Build Coastguard Worker      dns_names_util::DottedNameToNetwork(dotted_name);
*6777b538SAndroid Build Coastguard Worker  ASSERT_TRUE(dns_name.has_value());
*6777b538SAndroid Build Coastguard Worker  std::optional<DnsQuery> query;
*6777b538SAndroid Build Coastguard Worker  query.emplace(0x1234 /* id */, dns_name.value(), dns_protocol::kTypeA);
*6777b538SAndroid Build Coastguard Worker  net::DnsResourceRecord answer;
*6777b538SAndroid Build Coastguard Worker  answer.name = dotted_name;
*6777b538SAndroid Build Coastguard Worker  answer.type = dns_protocol::kTypeA;
*6777b538SAndroid Build Coastguard Worker  answer.klass = dns_protocol::kClassIN;
*6777b538SAndroid Build Coastguard Worker  answer.ttl = 120;  // 120 seconds.
*6777b538SAndroid Build Coastguard Worker  answer.SetOwnedRdata(std::string("\xc0\xa8\x00\x01", 4));
*6777b538SAndroid Build Coastguard Worker  std::vector<DnsResourceRecord> answers(1, answer);
*6777b538SAndroid Build Coastguard Worker  net::DnsResourceRecord additional_record;
*6777b538SAndroid Build Coastguard Worker  additional_record.name = dotted_name;
*6777b538SAndroid Build Coastguard Worker  additional_record.type = dns_protocol::kTypeNSEC;
*6777b538SAndroid Build Coastguard Worker  additional_record.klass = dns_protocol::kClassIN;
*6777b538SAndroid Build Coastguard Worker  additional_record.ttl = 120;  // 120 seconds.
*6777b538SAndroid Build Coastguard Worker  // Bitmap for "www.example.com" with type A set.
*6777b538SAndroid Build Coastguard Worker  additional_record.SetOwnedRdata(std::string("\xc0\x0c\x00\x01\x40", 5));
*6777b538SAndroid Build Coastguard Worker  std::vector<DnsResourceRecord> additional_records(1, additional_record);
*6777b538SAndroid Build Coastguard Worker  DnsResponse response(0x1234 /* id */, true /* is_authoritative*/, answers,
*6777b538SAndroid Build Coastguard Worker                       {} /* authority_records */, additional_records, query);
*6777b538SAndroid Build Coastguard Worker  ASSERT_NE(nullptr, response.io_buffer());
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(response.IsValid());
*6777b538SAndroid Build Coastguard Worker  std::string expected_response(reinterpret_cast<const char*>(response_data),
*6777b538SAndroid Build Coastguard Worker                                sizeof(response_data));
*6777b538SAndroid Build Coastguard Worker  std::string actual_response(response.io_buffer()->data(),
*6777b538SAndroid Build Coastguard Worker                              response.io_buffer_size());
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(expected_response, actual_response);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerTEST(DnsResponseWriteTest, TwoAnswersWithAAndQuadARecords) {
*6777b538SAndroid Build Coastguard Worker  const uint8_t response_data[] = {
*6777b538SAndroid Build Coastguard Worker      0x12, 0x34,  // ID
*6777b538SAndroid Build Coastguard Worker      0x84, 0x00,  // flags, response with authoritative answer
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // number of questions
*6777b538SAndroid Build Coastguard Worker      0x00, 0x02,  // number of answer rr
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // number of name server rr
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // number of additional rr
*6777b538SAndroid Build Coastguard Worker      0x03, 'w',  'w',  'w',  0x07, 'e',  'x',  'a',  'm',  'p', 'l', 'e',
*6777b538SAndroid Build Coastguard Worker      0x03, 'c',  'o',  'm',
*6777b538SAndroid Build Coastguard Worker      0x00,                    // null label
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,              // type A Record
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,              // class IN
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00, 0x00, 0x78,  // TTL, 120 seconds
*6777b538SAndroid Build Coastguard Worker      0x00, 0x04,              // rdlength, 32 bits
*6777b538SAndroid Build Coastguard Worker      0xc0, 0xa8, 0x00, 0x01,  // 192.168.0.1
*6777b538SAndroid Build Coastguard Worker      0x07, 'e',  'x',  'a',  'm',  'p',  'l',  'e',  0x03, 'o', 'r', 'g',
*6777b538SAndroid Build Coastguard Worker      0x00,                                            // null label
*6777b538SAndroid Build Coastguard Worker      0x00, 0x1c,                                      // type AAAA Record
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,                                      // class IN
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00, 0x00, 0x3c,                          // TTL, 60 seconds
*6777b538SAndroid Build Coastguard Worker      0x00, 0x10,                                      // rdlength, 128 bits
*6777b538SAndroid Build Coastguard Worker      0xfd, 0x12, 0x34, 0x56, 0x78, 0x9a, 0x00, 0x01,  // fd12:3456:789a:1::1
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
*6777b538SAndroid Build Coastguard Worker  };
*6777b538SAndroid Build Coastguard Worker  net::DnsResourceRecord answer1;
*6777b538SAndroid Build Coastguard Worker  answer1.name = "www.example.com";
*6777b538SAndroid Build Coastguard Worker  answer1.type = dns_protocol::kTypeA;
*6777b538SAndroid Build Coastguard Worker  answer1.klass = dns_protocol::kClassIN;
*6777b538SAndroid Build Coastguard Worker  answer1.ttl = 120;  // 120 seconds.
*6777b538SAndroid Build Coastguard Worker  answer1.SetOwnedRdata(std::string("\xc0\xa8\x00\x01", 4));
*6777b538SAndroid Build Coastguard Worker  net::DnsResourceRecord answer2;
*6777b538SAndroid Build Coastguard Worker  answer2.name = "example.org";
*6777b538SAndroid Build Coastguard Worker  answer2.type = dns_protocol::kTypeAAAA;
*6777b538SAndroid Build Coastguard Worker  answer2.klass = dns_protocol::kClassIN;
*6777b538SAndroid Build Coastguard Worker  answer2.ttl = 60;
*6777b538SAndroid Build Coastguard Worker  answer2.SetOwnedRdata(std::string(
*6777b538SAndroid Build Coastguard Worker      "\xfd\x12\x34\x56\x78\x9a\x00\x01\x00\x00\x00\x00\x00\x00\x00\x01", 16));
*6777b538SAndroid Build Coastguard Worker  std::vector<DnsResourceRecord> answers(2);
*6777b538SAndroid Build Coastguard Worker  answers[0] = answer1;
*6777b538SAndroid Build Coastguard Worker  answers[1] = answer2;
*6777b538SAndroid Build Coastguard Worker  DnsResponse response(0x1234 /* id */, true /* is_authoritative*/, answers,
*6777b538SAndroid Build Coastguard Worker                       {} /* authority_records */, {} /* additional records */,
*6777b538SAndroid Build Coastguard Worker                       std::nullopt);
*6777b538SAndroid Build Coastguard Worker  ASSERT_NE(nullptr, response.io_buffer());
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(response.IsValid());
*6777b538SAndroid Build Coastguard Worker  std::string expected_response(reinterpret_cast<const char*>(response_data),
*6777b538SAndroid Build Coastguard Worker                                sizeof(response_data));
*6777b538SAndroid Build Coastguard Worker  std::string actual_response(response.io_buffer()->data(),
*6777b538SAndroid Build Coastguard Worker                              response.io_buffer_size());
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(expected_response, actual_response);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerTEST(DnsResponseWriteTest, AnswerWithAuthorityRecord) {
*6777b538SAndroid Build Coastguard Worker  const uint8_t response_data[] = {
*6777b538SAndroid Build Coastguard Worker      0x12, 0x35,  // ID
*6777b538SAndroid Build Coastguard Worker      0x84, 0x00,  // flags, response with authoritative answer
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // number of questions
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // number of answer rr
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,  // number of name server rr
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // number of additional rr
*6777b538SAndroid Build Coastguard Worker      0x03, 'w',  'w',  'w',  0x07, 'e', 'x', 'a',
*6777b538SAndroid Build Coastguard Worker      'm',  'p',  'l',  'e',  0x03, 'c', 'o', 'm',
*6777b538SAndroid Build Coastguard Worker      0x00,                    // null label
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,              // type A Record
*6777b538SAndroid Build Coastguard Worker      0x00, 0x01,              // class IN
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00, 0x00, 0x78,  // TTL, 120 seconds
*6777b538SAndroid Build Coastguard Worker      0x00, 0x04,              // rdlength, 32 bits
*6777b538SAndroid Build Coastguard Worker      0xc0, 0xa8, 0x00, 0x01,  // 192.168.0.1
*6777b538SAndroid Build Coastguard Worker  };
*6777b538SAndroid Build Coastguard Worker  DnsResourceRecord record;
*6777b538SAndroid Build Coastguard Worker  record.name = "www.example.com";
*6777b538SAndroid Build Coastguard Worker  record.type = dns_protocol::kTypeA;
*6777b538SAndroid Build Coastguard Worker  record.klass = dns_protocol::kClassIN;
*6777b538SAndroid Build Coastguard Worker  record.ttl = 120;  // 120 seconds.
*6777b538SAndroid Build Coastguard Worker  record.SetOwnedRdata(std::string("\xc0\xa8\x00\x01", 4));
*6777b538SAndroid Build Coastguard Worker  std::vector<DnsResourceRecord> authority_records(1, record);
*6777b538SAndroid Build Coastguard Worker  DnsResponse response(0x1235 /* response_id */, true /* is_authoritative*/,
*6777b538SAndroid Build Coastguard Worker                       {} /* answers */, authority_records,
*6777b538SAndroid Build Coastguard Worker                       {} /* additional records */, std::nullopt);
*6777b538SAndroid Build Coastguard Worker  ASSERT_NE(nullptr, response.io_buffer());
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(response.IsValid());
*6777b538SAndroid Build Coastguard Worker  std::string expected_response(reinterpret_cast<const char*>(response_data),
*6777b538SAndroid Build Coastguard Worker                                sizeof(response_data));
*6777b538SAndroid Build Coastguard Worker  std::string actual_response(response.io_buffer()->data(),
*6777b538SAndroid Build Coastguard Worker                              response.io_buffer_size());
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(expected_response, actual_response);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerTEST(DnsResponseWriteTest, AnswerWithRcode) {
*6777b538SAndroid Build Coastguard Worker  const uint8_t response_data[] = {
*6777b538SAndroid Build Coastguard Worker      0x12, 0x12,  // ID
*6777b538SAndroid Build Coastguard Worker      0x80, 0x03,  // flags (response with non-existent domain)
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // number of questions
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // number of answer rr
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // number of name server rr
*6777b538SAndroid Build Coastguard Worker      0x00, 0x00,  // number of additional rr
*6777b538SAndroid Build Coastguard Worker  };
*6777b538SAndroid Build Coastguard Worker  DnsResponse response(0x1212 /* response_id */, false /* is_authoritative*/,
*6777b538SAndroid Build Coastguard Worker                       {} /* answers */, {} /* authority_records */,
*6777b538SAndroid Build Coastguard Worker                       {} /* additional records */, std::nullopt,
*6777b538SAndroid Build Coastguard Worker                       dns_protocol::kRcodeNXDOMAIN);
*6777b538SAndroid Build Coastguard Worker  ASSERT_NE(nullptr, response.io_buffer());
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(response.IsValid());
*6777b538SAndroid Build Coastguard Worker  std::string expected_response(reinterpret_cast<const char*>(response_data),
*6777b538SAndroid Build Coastguard Worker                                sizeof(response_data));
*6777b538SAndroid Build Coastguard Worker  std::string actual_response(response.io_buffer()->data(),
*6777b538SAndroid Build Coastguard Worker                              response.io_buffer_size());
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(expected_response, actual_response);
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(dns_protocol::kRcodeNXDOMAIN, response.rcode());
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// CNAME answers are always allowed for any question.
*6777b538SAndroid Build Coastguard WorkerTEST(DnsResponseWriteTest, AAAAQuestionAndCnameAnswer) {
*6777b538SAndroid Build Coastguard Worker  const std::string kName = "www.example.com";
*6777b538SAndroid Build Coastguard Worker  std::optional<std::vector<uint8_t>> dns_name =
*6777b538SAndroid Build Coastguard Worker      dns_names_util::DottedNameToNetwork(kName);
*6777b538SAndroid Build Coastguard Worker  ASSERT_TRUE(dns_name.has_value());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsResourceRecord answer;
*6777b538SAndroid Build Coastguard Worker  answer.name = kName;
*6777b538SAndroid Build Coastguard Worker  answer.type = dns_protocol::kTypeCNAME;
*6777b538SAndroid Build Coastguard Worker  answer.klass = dns_protocol::kClassIN;
*6777b538SAndroid Build Coastguard Worker  answer.ttl = 120;  // 120 seconds.
*6777b538SAndroid Build Coastguard Worker  answer.SetOwnedRdata(
*6777b538SAndroid Build Coastguard Worker      std::string(reinterpret_cast<char*>(dns_name.value().data()),
*6777b538SAndroid Build Coastguard Worker                  dns_name.value().size()));
*6777b538SAndroid Build Coastguard Worker  std::vector<DnsResourceRecord> answers(1, answer);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  std::optional<DnsQuery> query(std::in_place, 114 /* id */, dns_name.value(),
*6777b538SAndroid Build Coastguard Worker                                dns_protocol::kTypeAAAA);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DnsResponse response(114 /* response_id */, true /* is_authoritative*/,
*6777b538SAndroid Build Coastguard Worker                       answers, {} /* authority_records */,
*6777b538SAndroid Build Coastguard Worker                       {} /* additional records */, query);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(response.IsValid());
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerTEST(DnsResponseWriteTest, WrittenResponseCanBeParsed) {
*6777b538SAndroid Build Coastguard Worker  std::string dotted_name("www.example.com");
*6777b538SAndroid Build Coastguard Worker  net::DnsResourceRecord answer;
*6777b538SAndroid Build Coastguard Worker  answer.name = dotted_name;
*6777b538SAndroid Build Coastguard Worker  answer.type = dns_protocol::kTypeA;
*6777b538SAndroid Build Coastguard Worker  answer.klass = dns_protocol::kClassIN;
*6777b538SAndroid Build Coastguard Worker  answer.ttl = 120;  // 120 seconds.
*6777b538SAndroid Build Coastguard Worker  answer.SetOwnedRdata(std::string("\xc0\xa8\x00\x01", 4));
*6777b538SAndroid Build Coastguard Worker  std::vector<DnsResourceRecord> answers(1, answer);
*6777b538SAndroid Build Coastguard Worker  net::DnsResourceRecord additional_record;
*6777b538SAndroid Build Coastguard Worker  additional_record.name = dotted_name;
*6777b538SAndroid Build Coastguard Worker  additional_record.type = dns_protocol::kTypeNSEC;
*6777b538SAndroid Build Coastguard Worker  additional_record.klass = dns_protocol::kClassIN;
*6777b538SAndroid Build Coastguard Worker  additional_record.ttl = 120;  // 120 seconds.
*6777b538SAndroid Build Coastguard Worker  additional_record.SetOwnedRdata(std::string("\xc0\x0c\x00\x01\x04", 5));
*6777b538SAndroid Build Coastguard Worker  std::vector<DnsResourceRecord> additional_records(1, additional_record);
*6777b538SAndroid Build Coastguard Worker  DnsResponse response(0x1234 /* response_id */, true /* is_authoritative*/,
*6777b538SAndroid Build Coastguard Worker                       answers, {} /* authority_records */, additional_records,
*6777b538SAndroid Build Coastguard Worker                       std::nullopt);
*6777b538SAndroid Build Coastguard Worker  ASSERT_NE(nullptr, response.io_buffer());
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(response.IsValid());
*6777b538SAndroid Build Coastguard Worker  EXPECT_THAT(response.id(), testing::Optional(0x1234));
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(1u, response.answer_count());
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(1u, response.additional_answer_count());
*6777b538SAndroid Build Coastguard Worker  auto parser = response.Parser();
*6777b538SAndroid Build Coastguard Worker  net::DnsResourceRecord parsed_record;
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser.ReadRecord(&parsed_record));
*6777b538SAndroid Build Coastguard Worker  // Answer with an A record.
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(answer.name, parsed_record.name);
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(answer.type, parsed_record.type);
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(answer.klass, parsed_record.klass);
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(answer.ttl, parsed_record.ttl);
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(answer.owned_rdata, parsed_record.rdata);
*6777b538SAndroid Build Coastguard Worker  // Additional NSEC record.
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(parser.ReadRecord(&parsed_record));
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(additional_record.name, parsed_record.name);
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(additional_record.type, parsed_record.type);
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(additional_record.klass, parsed_record.klass);
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(additional_record.ttl, parsed_record.ttl);
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(additional_record.owned_rdata, parsed_record.rdata);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerTEST(DnsResponseWriteTest, CreateEmptyNoDataResponse) {
*6777b538SAndroid Build Coastguard Worker  DnsResponse response = DnsResponse::CreateEmptyNoDataResponse(
*6777b538SAndroid Build Coastguard Worker      /*id=*/4,
*6777b538SAndroid Build Coastguard Worker      /*is_authoritative=*/true, base::as_byte_span("\x04name\x04test\x00"),
*6777b538SAndroid Build Coastguard Worker      dns_protocol::kTypeA);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(response.IsValid());
*6777b538SAndroid Build Coastguard Worker  EXPECT_THAT(response.id(), testing::Optional(4));
*6777b538SAndroid Build Coastguard Worker  EXPECT_TRUE(response.flags() & dns_protocol::kFlagAA);
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(response.question_count(), 1u);
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(response.answer_count(), 0u);
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(response.authority_count(), 0u);
*6777b538SAndroid Build Coastguard Worker  EXPECT_EQ(response.additional_answer_count(), 0u);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  EXPECT_THAT(response.qtypes(), testing::ElementsAre(dns_protocol::kTypeA));
*6777b538SAndroid Build Coastguard Worker  EXPECT_THAT(response.dotted_qnames(), testing::ElementsAre("name.test"));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker}  // namespace
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker}  // namespace net