add minimal ECS content checking

genreport.c

@@ -2351,6 +2351,7 @@ process(struct workitem *item, unsigned char *buf, int buflen, int port) {
 	int tsig_wrong_key = 0, tsig_wrong_alg = 0, tsig_bad_time = 0;
 	int tsig_bad_other_len = 0, tsig_bad_sig = 0, tsig_bad_fudge = 0;
 	int n, cname = 0, dname = 0, rrsig = 0, found = 0;
+	int badecs;
 	char addrbuf[64];
 	int ednsvers = 0;
 	int ok = 1;
@@ -2691,8 +2692,15 @@ process(struct workitem *item, unsigned char *buf, int buflen, int port) {
 						copy_nsid(item->summary,
 							  options, optlen);
 					}
-					if (code == 8)
+					if (code == 8) {
 						seenecs = 1;
+						if (optlen != 4 ||
+						    memcmp(options,
+							   "\x00\x01\x00", 3)) {
+							badecs = 1;
+						}
+						
+					}
 					if (code == 9 && optlen == 4)
 						seenexpire = 1;
 					/* Server Cookie. */
@@ -2882,13 +2890,14 @@ process(struct workitem *item, unsigned char *buf, int buflen, int port) {
 		       "ra=%u z=%u ad=%u cd=%u qrcount=%u ancount=%u "
 		       "aucount=%u adcount=%u\n"
 		       "\tseensoa=%u seenrrsig=%u seenopt=%u "
-		       "seennsid=%u seenecs=%u seenexpire=%u seencookie=%u\n"
+		       "seennsid=%u seenecs=%u badecs=%u "
+		       "seenexpire=%u seencookie=%u\n"
 		       "\tednsudpsize=%u\n",
 		       id, testname, opcode, rcode,
 		       qr, aa, tc, rd, ra, z, ad, cd,
 		       qrcount, ancount, aucount, adcount,
 		       seensoa, seenrrsig, seenopt,
-		       seennsid, seenecs, seenexpire, seencookie,
+		       seennsid, seenecs, badecs, seenexpire, seencookie,
 		       ednssize);
 	}
 
@@ -3074,8 +3083,13 @@ process(struct workitem *item, unsigned char *buf, int buflen, int port) {
 	} else if (seencookie) {
 		addtag(item, "cookie");
 	}
-	if (seenecs)
-		addtag(item, "subnet");
+	if (seenecs) {
+		if (badecs) {
+			addtag(item, "subnet-bad");
+		} else {
+			addtag(item, "subnet");
+		}
+	}
 	if (proxy)
 		addtag(item, "proxy");