dns_parse_packet API not working

Hi,

I was working on a feature based on DNS packet parsing in the VPN solution of my app on iOS.

I was using the dns_parse_packet API from dnsutils.h class, which was able to parse DNS request and reply packets from raw bytes quite efficiently.

I had tested this flow on iOS 15.2, but after updating to iOS 15.5 this API does not seem to work anymore.

Has this API been deprecated or is this a bug in iOS 15.5?


Replies

> Has this API been deprecated … ?

This API has not been deprecated, although it’s not exactly recommended either.

As to what’s going wrong, I’m not sure. Consider the following code:

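#import <Foundation/Foundation.h>
#include <dns_util.h>   // dns_parse_packet, dns_free_reply (libresolv)

// DNS response for example.com: one question, one A answer,
// and one EDNS OPT record in the additional section.
const uint8_t packet[] = {
    0x09, 0x1E, 0x81, 0xA0, 0x00, 0x01, 0x00, 0x01,
    0x00, 0x00, 0x00, 0x01, 0x07, 0x65, 0x78, 0x61,
    0x6D, 0x70, 0x6C, 0x65, 0x03, 0x63, 0x6F, 0x6D,
    0x00, 0x00, 0x01, 0x00, 0x01, 0xC0, 0x0C, 0x00,
    0x01, 0x00, 0x01, 0x00, 0x01, 0x41, 0xCD, 0x00,
    0x04, 0x5D, 0xB8, 0xD8, 0x22, 0x00, 0x00, 0x29,
    0x04, 0xD0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
};
// Returns NULL when the packet cannot be parsed.
dns_reply_t * reply = dns_parse_packet( (const char *) packet, sizeof(packet));
if (reply != NULL) {
    NSLog(@"reply: %p", reply);
    dns_free_reply(reply);
}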

It works on the iOS 15.2 simulator but fails on the iOS 15.5 one (and on real hardware running iOS 15.5). Weird.

Please file a bug about this and then post your bug number here.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Thanks, I logged the bug: 10029485

I have a suspicion that this problem is related to the libresolv security patches applied in https://support.apple.com/en-us/HT213257 and https://support.apple.com/en-us/HT213256 to macOS. Presumably this same libresolv security fix was also applied to iOS.

I logged the bug: FB10029485

Thanks.

> Presumably this same libresolv security fix was also applied to iOS.

That’s a reasonable presumption.

At this point I suspect that this is Just a Bug™ but I’ll see if I can learn more once the relevant folks get back to work after the (US) Memorial Day holiday.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

I did some more testing on this today. It seems that the problem affects macOS as well as iOS. I put the test code above into a command-line tools project and the code works on macOS 12.3.1 but fails on macOS 12.4.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Checking the GitHub copy of the code for libresolv68 and libresolv68.120.2, it looks like a change in dns_util.c from == to >= in line 243 (v68) / line 246 (v68.120.2) winds up triggering this. With that reverted, the function operates as expected. That said, this change could be needed for the above security patch, and the resultant null afterwards is an unintended side-effect, so if you opt to make a local function copy, beware.

> if you opt to make a local function copy, beware

Yes!

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

@eskimo Hello. Has this one been fixed?

My understanding is that this fix shipped in iOS 15.6.1.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
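
For anyone weighing the local-copy route discussed above, here is an added example (not code from the thread or from libresolv) of a bounds-checked walk over the same 56-byte response; `dns_walk`, `skip_name` and `rd16` are hypothetical names. It exercises an edge the sample packet contains: a final OPT record with RDLENGTH 0 that ends exactly at the end of the buffer.

```c
#include <stddef.h>
#include <stdint.h>

/* Sample input: the 56-byte response quoted earlier in the thread. */
static const uint8_t sample[] = {
    0x09, 0x1E, 0x81, 0xA0, 0x00, 0x01, 0x00, 0x01,
    0x00, 0x00, 0x00, 0x01, 0x07, 0x65, 0x78, 0x61,
    0x6D, 0x70, 0x6C, 0x65, 0x03, 0x63, 0x6F, 0x6D,
    0x00, 0x00, 0x01, 0x00, 0x01, 0xC0, 0x0C, 0x00,
    0x01, 0x00, 0x01, 0x00, 0x01, 0x41, 0xCD, 0x00,
    0x04, 0x5D, 0xB8, 0xD8, 0x22, 0x00, 0x00, 0x29,
    0x04, 0xD0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
};

/* Skip an encoded name at off; return the offset after it, or 0 on error. */
static size_t skip_name(const uint8_t *p, size_t len, size_t off) {
    while (off < len) {
        uint8_t c = p[off];
        if (c == 0) return off + 1;                      /* root label */
        if ((c & 0xC0) == 0xC0) return (len - off >= 2) ? off + 2 : 0; /* pointer */
        if (c & 0xC0) return 0;                          /* reserved label type */
        off += 1 + (size_t)c;                            /* ordinary label */
    }
    return 0;
}
static unsigned rd16(const uint8_t *p) { return (unsigned)(p[0] << 8 | p[1]); }

/* Walk header, questions and every RR. Returns the RR count, or -1 if any
   field would run past the buffer. */
int dns_walk(const uint8_t *p, size_t len) {
    if (len < 12) return -1;
    unsigned qd = rd16(p + 4);
    unsigned rr = rd16(p + 6) + rd16(p + 8) + rd16(p + 10);
    size_t off = 12;
    for (unsigned i = 0; i < qd; i++) {
        off = skip_name(p, len, off);
        if (off == 0 || len - off < 4) return -1;        /* QTYPE + QCLASS */
        off += 4;
    }
    for (unsigned i = 0; i < rr; i++) {
        off = skip_name(p, len, off);
        if (off == 0 || len - off < 10) return -1;       /* fixed RR fields */
        size_t rdlen = rd16(p + off + 8);
        off += 10;
        if (rdlen > len - off) return -1;  /* strict '>': RDATA may end exactly at len */
        off += rdlen;
    }
    return (int)rr;
}
int main(void) { return dns_walk(sample, sizeof sample) == 2 ? 0 : 1; }
```

A useful regression test for any local parser is this packet plus its truncations: the full buffer must be accepted, and every shorter prefix must be rejected without reading past the end.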
