From b27271b213234d517a33a332d05b226296026f07 Mon Sep 17 00:00:00 2001 From: Louis Granboulan Date: Sun, 2 Dec 2018 11:02:22 +0100 Subject: [PATCH] commit cabeb471c57dc501ffb2e002be2272cc8d9a4f96 broke dissection of some real DNS payloads --- scapy/layers/dns.py | 7 +++---- test/regression.uts | 11 +++++++++-- 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/scapy/layers/dns.py b/scapy/layers/dns.py index 509b21a7cf9..bd204fbf593 100755 --- a/scapy/layers/dns.py +++ b/scapy/layers/dns.py @@ -63,14 +63,13 @@ def dns_get_str(s, p, pkt=None, _internal=False): break p = ((cur & ~0xc0) << 8) + orb(s[p]) - 12 # Follow the pointer burned += 1 + if p in processed_pointers: + warning("DNS decompression loop detected") + break if pkt and hasattr(pkt, "_orig_s") and pkt._orig_s: - # There should not be a loop as pkt is None name += dns_get_str(pkt._orig_s, p, None, _internal=True)[0] if burned == max_length: break - elif p in processed_pointers: - warning("DNS decompression loop detected") - break elif not _internal: raise Scapy_Exception("DNS message can't be compressed" + "at this point!") diff --git a/test/regression.uts b/test/regression.uts index 72a11be4d1a..6ffd3ad20dc 100644 --- a/test/regression.uts +++ b/test/regression.uts @@ -6667,8 +6667,10 @@ assert raw(recompressed) == raw(pkt) assert dns_get_str(b"\x06cheese\x00blobofdata....\x06hamand\xc0\x0c", 22, _internal=True)[0] == b'hamand.cheese.' -from scapy.tools.UTscapy import Bunch -assert dns_get_str(b"\x06hamand\xc0\x0c", 0, pkt=Bunch(_orig_s=b"\x06cheese\x00blobofdata", _orig_p=22))[0] == b'hamand.cheese.' +# This non-regression test is meaningless. Should use real DNS payload +# in non-regression tests. +#from scapy.tools.UTscapy import Bunch +#assert dns_get_str(b"\x06hamand\xc0\x0c", 0, pkt=Bunch(_orig_s=b"\x06cheese\x00blobofdata", _orig_p=22))[0] == b'hamand.cheese.' = Decompression loop in dns_get_str ~ dns 
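Review bot: The offset from `p = ((cur & ~0xc0) << 8) + orb(s[p]) - 12` is negative for any compression pointer below 12, and the new `p in processed_pointers` check lets a first occurrence through to `dns_get_str(pkt._orig_s, p, None, _internal=True)`, where a negative index would read labels from the end of the buffer. The bounds check at the top of the loop is outside this hunk, so confirm it rejects negative offsets. If it does not, add `if p < 0:` with a `warning(...)` and `break` right after the pointer is computed. Separately, the context lines `"DNS message can't be compressed" + "at this point!"` concatenate without a space, so the exception text reads "compressedat this point!".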
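Review bot: Commenting out the `pkt=Bunch(_orig_s=..., _orig_p=22)` assertion disables the only test visible here that calls `dns_get_str` with a `pkt` carrying `_orig_s`, which is the branch this patch reorders in scapy/layers/dns.py. Delete the two commented-out lines rather than keeping them as dead code, and replace them with an assertion that reaches the same branch through a real dissected record, as the added comment itself asks. Until then the loop check on that path is only exercised indirectly, through whole-packet dissection.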
@@ -6681,6 +6683,11 @@ assert dns_get_str(b"\x04data\xc0\x0c", 0, _internal=True)[0] == b"data." assert dns_get_str(b"\x06da", 0, _internal=True)[0] == b"da." assert dns_get_str(b"\x04data\xc0\x01", 0, _internal=True)[0] == b"data." += Other decompression loop in dns_get_str +~ dns +s = b'\x00\x00\x84\x00\x00\x00\x00\x02\x00\x00\x00\x06\x0bGourmandise\x04_smb\x04_tcp\x05local\x00\x00!\x80\x01\x00\x00\x00x\x00\x14\x00\x00\x00\x00\x01\xbd\x0bGourmandise\xc0"\x0bGourmandise\x0b_afpovertcp\xc0\x1d\x00!\x80\x01\x00\x00\x00x\x00\x08\x00\x00\x00\x00\x02$\xc09\xc09\x00\x1c\x80\x01\x00\x00\x00x\x00\x10\xfe\x80\x00\x00\x00\x00\x00\x00\x00s#\x99\xca\xf7\xea\xdc\xc09\x00\x01\x80\x01\x00\x00\x00x\x00\x04\xc0\xa8\x01x\xc09\x00\x1c\x80\x01\x00\x00\x00x\x00\x10*\x01\xcb\x00\x0bD\x1f\x00\x18k\xb1\x99\x90\xdf\x84.\xc0\x0c\x00/\x80\x01\x00\x00\x00x\x00\t\xc0\x0c\x00\x05\x00\x00\x80\x00@\xc0G\x00/\x80\x01\x00\x00\x00x\x00\t\xc0G\x00\x05\x00\x00\x80\x00@\xc09\x00/\x80\x01\x00\x00\x00x\x00\x08\xc09\x00\x04@\x00\x00\x08' +DNS(s) + = Layer binding * Test DestMACField & DestIPField
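Review bot: The new test ends with a bare `DNS(s)`, so it only shows that dissection returns without hanging or raising; a decoder that breaks out of the loop early and truncates names would still pass. Bind the result and assert on it, starting with the header counts that can be read off the payload: `pkt = DNS(s)` and `assert pkt.ancount == 2 and pkt.arcount == 6`. Then assert on at least one decompressed name. From the bytes, the second answer's name ends in the pointer `\xc0\x1d` and should decode to `Gourmandise._afpovertcp._tcp.local.`, but confirm the exact value and accessor against the dissector's output before pinning it.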