0

I'm trying to debug my reverse DNS request subroutine, and I need a DNS that's longer than 40 characters, because apparently that's how many bytes Dnsapi reserves in memory.

So I want to see what happens when NameHost in a PTR structure exceeds 40 bytes. Specifically, I expect that the reserved memory for the structure is going to be extended and padded with 0s, but I need to test that.

So does anyone know a DNS longer than 40 characters? Something like verylonglabel1.verylonglabel2.example.com.

Simon
Chris

1 Answer

7

> So does anyone know a dns longer than 40 characters?

No, but I typed world's longest domain name into Google and found this:

www.thelongestdomainnameintheworldandthensomeandthensomemoreandmore.com

Now I do.

> 40 characters, because apparently that's how many bytes Dnsapi reserves in memory.

Noting that 40 characters is not necessarily 40 bytes (Unicode), you might want to read the documentation. I did, and I couldn't find anything to suggest a 40-byte limit.

This RFC doesn't seem to suggest any arbitrary limits on DNS records in this regard, at least from a cursory glance.

ta.speot.is
  • is not limited to 40 bytes, but if the dns is shorter than 40 characters, is stored in 40 bytes and padded with 0s at the end – Chris Apr 22 '13 at 09:42
  • @user1410908 Padding with `'0'` or padded with `NULL`? Because if it's padded with `NULL` you might not be looking at a 40 byte string, you might be looking at a buffer overflow. Surely it's just a null terminated string and you treat it as such? – ta.speot.is Apr 22 '13 at 09:43
  • I just tried your suggested domain, and a dns request returned 94.126.42.50, and when I did a reverse dns request (PTR) on this IP I get "seriously.nothingtoseehere.org" .. lol .. which is under 40 chars. – Chris Apr 22 '13 at 09:47
  • Just go down the list of Google results. – ta.speot.is Apr 22 '13 at 09:48
  • my scripting language (AHK) can't actually tell a difference between '0' and NULL. I'm reading byte by byte in memory and I see the entire structure .. there is no overflow – Chris Apr 22 '13 at 09:53
  • It's weird .. all the long domains return an IP, on which if I do a reverse dns it returns a different and shorter (under 40 chars) domain – Chris Apr 22 '13 at 09:55
  • AHK seems pretty flexible http://www.autohotkey.com/board/topic/80585-how-to-manipulate-binary-data-with-pointers/#entry86227 You can't compare it to `Chr(0)`? – ta.speot.is Apr 22 '13 at 09:56
  • This is what I get from memory 0x61:0x6D:0x65:0x6C:0x69:0x61:0x68:0x6F:0x75:0x73:0x65:0x2E:0x70:0x6C:0x75:0x73:0x2E:0x63:0x6F:0x6D:0x0:0x0:0x0:0x0:0x78:0xA1:0x1E:0x43:0x2D:0x59:, and if I call Chr(byte) on each byte : ameliahouse.plus.com\>FDŽ .. the 4 0s at the end seem to mark the end of the string – Chris Apr 22 '13 at 10:06
  • Surely the one `0x0` at the end is the last character plus one? It's a null terminated string. – ta.speot.is Apr 22 '13 at 10:07
  • This is what I'm not sure about, if it's a NULL terminated string or not. I'm not sure where I should stop reading . I'm afraid that at one point the string is not null terminated, and read more than I should. I'm not sure how the DNS_RECORD structure is stored in memory. – Chris Apr 22 '13 at 10:14
  • From its usage [here](http://support.microsoft.com/kb/831226), `PTR.pNameHost` is null terminated, otherwise it would not work correctly with `printf`. – ta.speot.is Apr 22 '13 at 10:24
  • Oh, I actually read that example, but I'm not good at C and didn't know that printf requires a null terminated string. Thanks, I'll follow your advice. – Chris Apr 22 '13 at 10:33
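
The bounded null-terminated read that the comments arrive at, as an added example in portable C (not code from the thread or from the linked Microsoft sample). It goes one step beyond the thread by also validating the returned name, since a PTR answer is untrusted input. Assumptions: the name is a byte string (the ANSI/UTF-8 form, as in the dump above), and `read_name_host`, `is_plausible_hostname` and the `avail` bound are hypothetical names introduced here.

```c
#include <stddef.h>
#include <string.h>

#define DNS_MAX_NAME  255u  /* RFC 1035 upper bound on a domain name, octets */
#define DNS_MAX_LABEL 63u   /* RFC 1035 upper bound on a single label */

/* Copy the NUL-terminated name at `mem` into `out`. `avail` is the number of
 * bytes the caller knows are readable (assumption: the caller can bound it).
 * Returns the length, or -1 if no terminator lies within the bound or `out`
 * is too small. No fixed 40-byte field is assumed. */
int read_name_host(const unsigned char *mem, size_t avail, char *out, size_t outsz)
{
    size_t limit = DNS_MAX_NAME + 1u;
    if (avail < limit) limit = avail;
    const unsigned char *nul = memchr(mem, 0, limit);
    if (nul == NULL) return -1;          /* unterminated: refuse, do not read on */
    size_t len = (size_t)(nul - mem);
    if (len + 1 > outsz) return -1;
    memcpy(out, mem, len + 1);
    return (int)len;
}

/* A PTR answer is chosen by whoever controls the reverse zone, so validate it:
 * letters, digits, '-' and '_' only, every label 1..63 bytes long. */
int is_plausible_hostname(const char *name)
{
    size_t label = 0, total = strlen(name);
    if (total == 0 || total > DNS_MAX_NAME) return 0;
    for (const char *p = name; *p; p++) {
        if (*p == '.') {
            if (label == 0) return 0;    /* empty label */
            label = 0;
            continue;
        }
        int ok = (*p >= 'a' && *p <= 'z') || (*p >= 'A' && *p <= 'Z') ||
                 (*p >= '0' && *p <= '9') || *p == '-' || *p == '_';
        if (!ok || ++label > DNS_MAX_LABEL) return 0;
    }
    return 1;
}

/* Sample input: the bytes of the memory dump quoted in the comments. */
const unsigned char dump[] = {
    0x61,0x6D,0x65,0x6C,0x69,0x61,0x68,0x6F,0x75,0x73,0x65,0x2E,0x70,0x6C,0x75,
    0x73,0x2E,0x63,0x6F,0x6D,0x00,0x00,0x00,0x00,0x78,0xA1,0x1E,0x43,0x2D,0x59 };
/* The name suggested in the answer, longer than 40 characters. */
const char long_name[] =
    "www.thelongestdomainnameintheworldandthensomeandthensomemoreandmore.com";
```

On the dump, the read stops at the first zero byte and returns 20; the bytes after the terminator are never treated as part of the name.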