[Dnsmasq-discuss] [PATCH] auth: Fix segfault when querying ptr locally on ip6.arpa auth-zone
Johnny S. Lee
_ at jsl.io
Fri Apr 10 23:51:24 BST 2015
Just a quick fix on obvious calls with NULL pointer. Not sure if I'm doing
it correctly. At least it won't crash anymore with my config:
auth-server=my.domain.tld,ethN
auth-zone=my.domain.tld,a.b.c.d/32,w:x:y:z::/64
auth-zone=z.0.0.0.y.0.0.0.x.0.0.0.w.0.0.0.ip6.arpa
Debug against ad4a8ff7d9097008d7623df8543df435bfddeac8, when running the
following on a machine in local network:
dig ptr
1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.z.0.0.0.y.0.0.0.x.0.0.0.w.0.0.0.ip6.arpa
(note: I have a host record of that address in a hosts file)
Program received signal SIGSEGV, Segmentation fault.
in_zone (zone=0x0, name=0x456008 "my.domain.tld", cut=0x0) at auth.c:60
60 size_t domainlen = strlen(zone->domain);
in auth.c
(gdb) backtrace
#0 in_zone (zone=0x0, name=0x456008 "my.domain.tld", cut=0x0) at auth.c:60
#1 0x00438784 in answer_auth (header=0x459000, limit=0x45a000 "", qlen=90,
now=1428682071, peer_addr=0x7fff6840, local_query=1) at auth.c:220
#2 0x00417778 in receive_query (listen=0x458878, now=1428682071)
at forward.c:1339
#3 0x0041bf38 in check_dns_listeners (set=0x7fff69fc, now=1428682071)
at dnsmasq.c:1547
#4 0x0041f240 in main (argc=<optimized out>, argv=<optimized out>)
at dnsmasq.c:1031
---
src/auth.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/auth.c b/src/auth.c
index 15721e5..ccfdc19 100644
--- a/src/auth.c
+++ b/src/auth.c
@@ -186,7 +186,7 @@ size_t answer_auth(struct dns_header *header, char
*limit, size_t qlen, time_t n
if (intr)
{
- if (in_zone(zone, intr->name, NULL))
+ if (local_query || in_zone(zone, intr->name, NULL))
{
found = 1;
log_query(flag | F_REVERSE | F_CONFIG, intr->name, &addr, NULL);
@@ -209,6 +209,7 @@ size_t answer_auth(struct dns_header *header, char
*limit, size_t qlen, time_t n
/* add external domain */
strcat(name, ".");
+ /* FIXME: zone is NULL when local_query == 1 */
strcat(name, zone->domain);
log_query(flag | F_DHCP | F_REVERSE, name, &addr,
record_source(crecp->uid));
found = 1;
@@ -217,7 +218,7 @@ size_t answer_auth(struct dns_header *header, char
*limit, size_t qlen, time_t n
T_PTR, C_IN, "d", name))
anscount++;
}
- else if (crecp->flags & (F_DHCP | F_HOSTS) && in_zone(zone,
name, NULL))
+ else if (crecp->flags & (F_DHCP | F_HOSTS) && (local_query ||
in_zone(zone, name, NULL)))
{
log_query(crecp->flags & ~F_FORWARD, name, &addr,
record_source(crecp->uid));
found = 1;
--
2.3.5
More information about the Dnsmasq-discuss
mailing list