Question
For a project, I've to read mDNS responses.
I read the IETF doc(and tcpguide, which contains a lot of schema) , and I think I'm respecting them, but I've an issue.
Often I'm trying to read my stream, but the stream is too short for data I'm trying to read.
I had several cases, and I think I'm missing something.
One concrete example: I receive this(I've made a small "response parser" to see what I receive and "decode" it:
https://stackoverflow.com/questions/14955042
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian0000000000000000 0 ID
1 True IsResponse
0000 0 Opcode
1 True Authoritative
0 False Truncation
0 False Recursion desired
0 False Recursion available
000 000 Zero
0000 0 RCode
0000000000000000 0 Question count
0000000000000100 4 Answers count
0000000000000000 0 Authority count
0000000000000000 0 Additional count
Answers:
00001001 9 Size
01011111 _
01110011 s
01100101 e
01110010 r
01110110 v
01101001 i
01100011 c
01100101 e
01110011 s
00000111 7 Size
01011111 _
01100100 d
01101110 n
01110011 s
00101101 -
01110011 s
01100100 d
00000100 4 Size
01011111 _
01110101 u
01100100 d
01110000 p
00000101 5 Size
01101100 l
01101111 o
01100011 c
01100001 a
01101100 l
00000000 0 Size
00000000 0 Size
00001100 12 Size
00000000
00000001 ?
00000000
00000000
00011100 ?
00100000
00000000
00010111 ?
00001111 ¤
01011111 _
01110000 p
01100100 d
01101100 108 Size
00101101 -
01100100 d
01100001 a
01110100 t
01100001 a
01110011 s
01110100 t
01110010 r
01100101 e
01100001 a
01101101 m
00000100 ?
01011111 _
01110100 t
01100011 c
01110000 p
11000000 ?
00100011 #
11000000 ?
00001100 ?
00000000
00001100 ?
00000000
00000001 ?
00000000
00000000
00011100 ?
00100000
00000000
00001011 ?
00001000
01011111 _
01110000 p
01110010 r
01101001 i
01101110 n
01110100 t
01100101 e
01110010 r
11000000 ?
01000100 D
11000000 ?
00001100 ?
00000000
00001100 ?
00000000
00000001 ?
00000000
00000000
00011100 ?
00100000
00000000
00000111
00000100 ?
01011111 _
01101001 i
01110000 p
01110000 p
11000000 ?
01000100 D
11000000 ?
00001100 ?
00000000
00001100 ?
00000000
00000001 ?
00000000
00000000
00011100 ?
00100000
00000000
00001000
00000101 ?
01011111 _
01101000 h
01110100 t
01110100 t
01110000 p
11000000 ?
01000100 D
out of range out of range
out of range out of range
[...]
I don't understand why I don't have enough data here. Truncation bit is set to false, so I should have all data in this packet, the 01101100 really means a size of 108, and I've only ~75 bytes here. So what am I doing wrong? This problem seems to happens mostly with packets containing answers.
Solution
In fact, the problem was that the protocol has a compression defined. If the size of the next chains starts with 11xx xxxx, it means it's a pointer to a previous string, xx xxxx is the byte index of the stream.
I wasn't reading this, meaning that I was reading the 11xx xxxx has a length, giving me an huge length that was frequently out of range.
