Monday, August 06, 2018
I guess we'll see how well CBOR works
The Corporate Overlords of The Corporation have spoken, and lo, they said “Worry not, for you do not have to deal with the stupidity—we shall deal.” So great, we don't have to drink the REST/HTTPS über alles Kool-Aid™, but instead query our Corporate Overlords for the data, who have drunk the REST/HTTPS über alles Kool-Aid™ (or were forced to by the company we query for the data—the end effect is the same though).
Sigh.
So for now, we still make our queries via UDP, only now in CBOR—the legacy format of DNS is apparently too arcane to support any more.
I have a Lua module but we also need one in C. There are some existing ones, but they have their issues (either an alien build system or missing some critical CBOR feature) so I've been working on a C library I started a few years ago and never finished.
It's working now,
and to test it,
I've been using valgrind
to ensure memory safety,
in addition to using /dev/urandom
to generate random garbage:
GenericUnixPrompt% dd if=/dev/urandom count=2 | tee bad-data | valgrind ./testdecoder
dd
is one of those relatively arcane Unix programs that I find useful on occasion
(like here to generate some random data). tee
I use to record the data so I can play it back when valgrind
finds an issue.
This is a reasonable way to fuzz a program.
It did find several issues that could have lead to a crash,
and I don't leak any memory so the code should be good to go.