From ca4b181d3516f948d85c9492c4301d2cfcc1d1f1 Mon Sep 17 00:00:00 2001
From: FlyingWithJerome <jxm959@case.edu>
Date: Wed, 29 Sep 2021 14:39:24 -0400
Subject: [PATCH] add a dns https test case

---
 src/analyzer/protocol/dns/DNS.cc                  |  10 ++++++++++
 .../scripts.base.protocols.dns.https/output       |   3 +++
 testing/btest/Traces/dns-https.pcap               | Bin 0 -> 329 bytes
 .../base/protocols/dns/{svcb.zeek => https.zeek}  |   0
 4 files changed, 13 insertions(+)
 create mode 100644 testing/btest/Baseline/scripts.base.protocols.dns.https/output
 create mode 100644 testing/btest/Traces/dns-https.pcap
 rename testing/btest/scripts/base/protocols/dns/{svcb.zeek => https.zeek} (100%)

diff --git a/src/analyzer/protocol/dns/DNS.cc b/src/analyzer/protocol/dns/DNS.cc
index b48e516707..c43888cb18 100644
--- a/src/analyzer/protocol/dns/DNS.cc
+++ b/src/analyzer/protocol/dns/DNS.cc
@@ -1706,6 +1706,15 @@ bool DNS_Interpreter::ParseRR_SVCB(detail::DNS_MsgInfo* msg, const u_char*& data
 		if ( ! name_end )
 			return false;
 
+		// target name can be root - in this case the alternative endpoint is
+		// qname itself. make sure that we print "." instead of an empty string
+		if ( name_end - target_name == 0 )
+			{
+			target_name[0] = '.';
+			target_name[1] = '\0';
+			name_end = target_name+1;
+			}
+
 		SVCB_DATA svcb_data = {
 			.svc_priority = svc_priority,
 			.target_name = new String(target_name, name_end - target_name, true),
@@ -1724,6 +1733,7 @@ bool DNS_Interpreter::ParseRR_SVCB(detail::DNS_MsgInfo* msg, const u_char*& data
 				analyzer->EnqueueConnEvent(dns_HTTPS, analyzer->ConnVal(), msg->BuildHdrVal(),
 		                           msg->BuildAnswerVal(), msg->BuildSVCB_Val(&svcb_data));
 				break;
+			default: break; // unreachable. for suppressing compiler warnings.
 		}
 		return true;
 	}
diff --git a/testing/btest/Baseline/scripts.base.protocols.dns.https/output b/testing/btest/Baseline/scripts.base.protocols.dns.https/output
new file mode 100644
index 0000000000..c94e491f7a
--- /dev/null
+++ b/testing/btest/Baseline/scripts.base.protocols.dns.https/output
@@ -0,0 +1,3 @@
+[svc_priority=1, target_name=., svc_params={
+
+}]
\ No newline at end of file
diff --git a/testing/btest/Traces/dns-https.pcap b/testing/btest/Traces/dns-https.pcap
new file mode 100644
index 0000000000000000000000000000000000000000..b2c397e62e6cd614e7efe3af28da6dfd200399ab
GIT binary patch
literal 329
zcmca|c+)~A1{MYcU}0bcayB)GB=#(3XGjFHL3ql<`oO~aCC$&pDw#MKTp1XG112yq
zI0!BaJ+Oi?8HgFbF)^4j*e_B4G@nrcYy<-XBUf@xerZZtPGV6ib8>zz1A`+-MpFQ2
zAQ12{a4~T3Uh$okllJX7*g}2|h7CXo5QbO<u@-FMBDpmVKnth80$B#Kl))5eWuK?S
zr}>QyKx09!#%kdK9*DIJjST)ERg4T0Oc}<k8OFLsmSEBXOqw%g7y$!<BSWC&X@)@S
ZQwBB$1vNHzps5f55=Z3&)xiD2002kTOGN+x

literal 0
HcmV?d00001

diff --git a/testing/btest/scripts/base/protocols/dns/svcb.zeek b/testing/btest/scripts/base/protocols/dns/https.zeek
similarity index 100%
rename from testing/btest/scripts/base/protocols/dns/svcb.zeek
rename to testing/btest/scripts/base/protocols/dns/https.zeek