Fix incorrect host header memmove()s. Fixes #47

Small fix for dnsredir
Parse DNS packet only when DNS redirection is enabled
2025-12-17 12:54:36 +03:00 · 2017-12-13 01:42:29 +03:00 · 2017-12-10 20:44:50 +03:00 · 2017-12-09 02:36:45 +03:00 · 2017-12-07 22:38:41 +03:00 · 2017-12-07 22:38:21 +03:00
3 changed files with 53 additions and 15 deletions
--- a/dnsredir.c
+++ b/dnsredir.c
@@ -50,6 +50,22 @@ typedef struct udp_connrecord {
 static time_t last_cleanup = 0;
 static udp_connrecord_t *conntrack = NULL;

+void flush_dns_cache() {
+    BOOL WINAPI (*DnsFlushResolverCache)();
+
+    HMODULE dnsapi = LoadLibrary("dnsapi.dll");
+    if (dnsapi == NULL)
+    {
+        printf("Can't load dnsapi.dll to flush DNS cache!\n");
+        exit(EXIT_FAILURE);
+    }
+
+    DnsFlushResolverCache = (void*)GetProcAddress(dnsapi, "DnsFlushResolverCache");
+    if (DnsFlushResolverCache == NULL || !DnsFlushResolverCache())
+        printf("Can't flush DNS cache!");
+    FreeLibrary(dnsapi);
+}
+
 inline static void construct_key(const uint32_t srcip, const uint16_t srcport, char *key) {
    debug("Construct key enter\n");
    if (key) {
--- a/dnsredir.h
+++ b/dnsredir.h
@@ -15,3 +15,5 @@ int dns_handle_incoming(const uint32_t srcip, const uint16_t srcport,
 int dns_handle_outgoing(const uint32_t srcip, const uint16_t srcport,
                        const uint32_t dstip, const uint16_t dstport,
                        const char *packet_data, const UINT packet_dataLen);
+
+void flush_dns_cache();
--- a/goodbyedpi.c
+++ b/goodbyedpi.c
@@ -22,6 +22,7 @@
 #define TCP_HDR_LEN 20
 #define IPV4_TOTALLEN_OFFSET 2
 #define TCP_WINDOWSIZE_OFFSET 14
+#define HOST_MAXLEN 253

 #define DIVERT_NO_LOCALNETS_DST "(" \
                   "(ip.DstAddr < 127.0.0.1 or ip.DstAddr > 127.255.255.255) and " \
@@ -64,7 +65,8 @@ static struct option long_options[] = {
    {0,           0,                 0,   0  }
 };

-static char *filter_string = "(ip and tcp and "
+static char *filter_string = NULL;
+static char *filter_string_template = "(ip and tcp and "
        "(inbound and (("
         "((ip.Id == 0x0001 or ip.Id == 0x0000) and tcp.SrcPort == 80 and tcp.Ack) or "
         "((tcp.SrcPort == 80 or tcp.SrcPort == 443) and tcp.Ack and tcp.Syn)"
@@ -251,6 +253,11 @@ int main(int argc, char *argv[]) {
    char *hdr_name_addr = NULL, *hdr_value_addr = NULL;
    int hdr_value_len;

+    if (filter_string == NULL) {
+        filter_string = malloc(strlen(filter_string_template) + 1);
+        strcpy(filter_string, filter_string_template);
+    }
+
    printf("GoodbyeDPI: Passive DPI blocker and Active DPI circumvention utility\n");

    if (argc == 1) {
@@ -319,25 +326,37 @@ int main(int argc, char *argv[]) {
                    printf("Port parameter error!\n");
                    exit(EXIT_FAILURE);
                }
-                add_filter_str(IPPROTO_TCP, i);
+                if (i != 80 && i != 443)
+                    add_filter_str(IPPROTO_TCP, i);
                i = 0;
                break;
            case 'd':
-                do_dns_redirect = 1;
-                dns_addr = inet_addr(optarg);
-                if (!dns_addr) {
-                    printf("DNS address parameter error!\n");
-                    exit(EXIT_FAILURE);
+                if (!do_dns_redirect) {
+                    do_dns_redirect = 1;
+                    dns_addr = inet_addr(optarg);
+                    if (!dns_addr) {
+                        printf("DNS address parameter error!\n");
+                        exit(EXIT_FAILURE);
+                    }
+                    add_filter_str(IPPROTO_UDP, 53);
+                    flush_dns_cache();
                }
-                add_filter_str(IPPROTO_UDP, 53);
                break;
            case 'g':
+                if (!do_dns_redirect) {
+                    printf("--dns-port should be used with --dns-addr!\n"
+                        "Make sure you use --dns-addr and pass it before "
+                        "--dns-port\n");
+                    exit(EXIT_FAILURE);
+                }
                dns_port = atoi(optarg);
                if (dns_port <= 0 || dns_port > 65535) {
                    printf("DNS port parameter error!\n");
                    exit(EXIT_FAILURE);
                }
-                add_filter_str(IPPROTO_UDP, dns_port);
+                if (dns_port != 53) {
+                    add_filter_str(IPPROTO_UDP, dns_port);
+                }
                dns_port = ntohs(dns_port);
                break;
            default:
@@ -445,7 +464,7 @@ int main(int argc, char *argv[]) {
                        host_addr = hdr_value_addr;
                        host_len = hdr_value_len;

-                        if (do_host_mixedcase && host_len > 0 && host_len <= 253) {
+                        if (do_host_mixedcase && host_len > 0 && host_len <= HOST_MAXLEN) {
                            mix_case(host_addr, host_len);
                            should_recalc_checksum = 1;
                        }
@@ -486,7 +505,7 @@ int main(int argc, char *argv[]) {
                                 *
                                 * Nothing is done if User-Agent header is missing.
                                 */
-                                if (host_len > 0 && host_len <= 253 &&
+                                if (host_len > 0 && host_len <= HOST_MAXLEN &&
                                    useragent_addr && useragent_len > 0) {
                                    /* useragent_addr is in the beginning of User-Agent value */

@@ -494,7 +513,8 @@ int main(int argc, char *argv[]) {
                                        /* Move one byte to the LEFT from "Host:"
                                        * to the end of User-Agent
                                        */
-                                        memmove(host_addr - 1, host_addr, useragent_len);
+                                        memmove(host_addr - 1, host_addr,
+                                                (PVOID)useragent_addr + useragent_len - (PVOID)host_addr);
                                        host_addr -= 1;
                                        /* Put space in the end of User-Agent header */
                                        *(char*)((PVOID)useragent_addr + useragent_len - 1) = ' ';
@@ -509,13 +529,13 @@ int main(int argc, char *argv[]) {
                                        */
                                        memmove((PVOID)useragent_addr + useragent_len + 1,
                                                (PVOID)useragent_addr + useragent_len,
-                                                useragent_len - 1);
+                                                (PVOID)host_addr - 1 - ((PVOID)useragent_addr + useragent_len));
                                        /* Put space in the end of User-Agent header */
                                        *(char*)((PVOID)useragent_addr + useragent_len) = ' ';
                                        should_recalc_checksum = 1;
                                        //printf("Replaced Host header!\n");
                                    }
-                                } /* if (host_len <= 253 && useragent_addr) */
+                                } /* if (host_len <= HOST_MAXLEN && useragent_addr) */
                            } /* if (find_header_and_get_info http_useragent) */
                        } /* else if (do_host_removespace) */
                    } /* if (find_header_and_get_info http_host) */
@@ -541,7 +561,7 @@ int main(int argc, char *argv[]) {
            }

            /* Else if we got UDP packet with data */
-            else if (WinDivertHelperParsePacket(packet, packetLen, &ppIpHdr,
+            else if (do_dns_redirect && WinDivertHelperParsePacket(packet, packetLen, &ppIpHdr,
                NULL, NULL, NULL, NULL, &ppUdpHdr, &packet_data, &packet_dataLen)) {

                if (addr.Direction == WINDIVERT_DIRECTION_INBOUND) {
Author	SHA1	Message	Date
ValdikSS	5f231996d4	Fix incorrect host header memmove()s. Fixes #47	2017-12-13 01:42:29 +03:00
ValdikSS	81718f1a53	Small fix for dnsredir	2017-12-10 20:44:50 +03:00
ValdikSS	064cf575b6	Parse DNS packet only when DNS redirection is enabled	2017-12-09 02:36:45 +03:00
ValdikSS	a67f42eebc	Use defined HOST_MAXLEN	2017-12-07 22:38:41 +03:00
ValdikSS	363b2dca37	Flush DNS cache if --dns-addr is used	2017-12-07 22:38:21 +03:00
ValdikSS	1e8835cfe5	Small fixes	2017-12-07 13:03:01 +03:00