fix ParseFromMsg to only parse Answer section

Mzack9999 · Mzack9999 · commit 2d40354f957e · 2026-03-21T02:32:01.000+01:00
Closes #279 Made-with: Cursor
diff --git a/client.go b/client.go
@@ -800,9 +800,7 @@ func (d *DNSData) ParseFromRR(rrs []dns.RR) error {
 
 // ParseFromMsg and enrich data
 func (d *DNSData) ParseFromMsg(msg *dns.Msg) error {
-	allRecords := append(msg.Answer, msg.Extra...)
-	allRecords = append(allRecords, msg.Ns...)
-	return d.ParseFromRR(allRecords)
+	return d.ParseFromRR(msg.Answer)
 }
 
 func (d *DNSData) ParseFromEnvelopeChan(envChan chan *dns.Envelope) error {
diff --git a/client_test.go b/client_test.go
@@ -171,6 +171,55 @@ func TestTrace(t *testing.T) {
 	require.Nil(t, err, "could not resolve dns")
 }
 
+func TestParseFromMsgIgnoresExtraAndNsSections(t *testing.T) {
+	msg := new(dns.Msg)
+	msg.SetQuestion("example.com.", dns.TypeA)
+
+	msg.Answer = []dns.RR{
+		&dns.A{
+			Hdr: dns.RR_Header{Name: "example.com.", Rrtype: dns.TypeA, Class: dns.ClassINET, Ttl: 300},
+			A:   []byte{93, 184, 216, 34},
+		},
+	}
+
+	msg.Ns = []dns.RR{
+		&dns.NS{
+			Hdr: dns.RR_Header{Name: "example.com.", Rrtype: dns.TypeNS, Class: dns.ClassINET, Ttl: 3600},
+			Ns:  "ns1.example.com.",
+		},
+		&dns.SOA{
+			Hdr:     dns.RR_Header{Name: "example.com.", Rrtype: dns.TypeSOA, Class: dns.ClassINET, Ttl: 3600},
+			Ns:      "ns1.example.com.",
+			Mbox:    "admin.example.com.",
+			Serial:  2024010101,
+			Refresh: 7200,
+			Retry:   3600,
+			Expire:  1209600,
+			Minttl:  300,
+		},
+	}
+
+	msg.Extra = []dns.RR{
+		&dns.A{
+			Hdr: dns.RR_Header{Name: "ns1.example.com.", Rrtype: dns.TypeA, Class: dns.ClassINET, Ttl: 3600},
+			A:   []byte{198, 51, 100, 1},
+		},
+		&dns.AAAA{
+			Hdr:  dns.RR_Header{Name: "ns1.example.com.", Rrtype: dns.TypeAAAA, Class: dns.ClassINET, Ttl: 3600},
+			AAAA: []byte{0x20, 0x01, 0x0d, 0xb8, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x01},
+		},
+	}
+
+	d := &DNSData{}
+	err := d.ParseFromMsg(msg)
+	require.NoError(t, err)
+
+	assert.Equal(t, []string{"93.184.216.34"}, d.A, "only Answer A records should be parsed")
+	assert.Empty(t, d.AAAA, "Additional AAAA glue records should not leak")
+	assert.Empty(t, d.NS, "Authority NS records should not leak")
+	assert.Empty(t, d.SOA, "Authority SOA records should not leak")
+}
+
 func TestInternalIPDetectionWithHostsFile(t *testing.T) {
 	CheckInternalIPs = true
 	defer func() { CheckInternalIPs = false }()

Original file line number	Diff line number	Diff line change
`@@ -800,9 +800,7 @@ func (d *DNSData) ParseFromRR(rrs []dns.RR) error {`
`800`	`800`
`801`	`801`	`// ParseFromMsg and enrich data`
`802`	`802`	`func (d DNSData) ParseFromMsg(msg dns.Msg) error {`
`803`		`- allRecords := append(msg.Answer, msg.Extra...)`
`804`		`- allRecords = append(allRecords, msg.Ns...)`
`805`		`- return d.ParseFromRR(allRecords)`
	`803`	`+ return d.ParseFromRR(msg.Answer)`
`806`	`804`	`}`
`807`	`805`
`808`	`806`	`func (d DNSData) ParseFromEnvelopeChan(envChan chan dns.Envelope) error {`