[Dnsmasq-discuss] [PATCH] auth: Fix segfault when querying ptr locally on ip6.arpa auth-zone

Johnny S. Lee _ at jsl.io
Fri Apr 10 23:51:24 BST 2015


Just a quick fix on obvious calls with NULL pointer. Not sure if I'm doing
it correctly. At least it won't crash anymore with my config:

auth-server=my.domain.tld,ethN
auth-zone=my.domain.tld,a.b.c.d/32,w:x:y:z::/64
auth-zone=z.0.0.0.y.0.0.0.x.0.0.0.w.0.0.0.ip6.arpa

Debug against ad4a8ff7d9097008d7623df8543df435bfddeac8, when running the
following on a machine in local network:
   dig ptr 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.z.0.0.0.y.0.0.0.x.0.0.0.w.0.0.0.ip6.arpa
   (note: I have a host record of that address in a hosts file)

Program received signal SIGSEGV, Segmentation fault.
in_zone (zone=0x0, name=0x456008 "my.domain.tld", cut=0x0) at auth.c:60
60      size_t domainlen = strlen(zone->domain);
     in auth.c
(gdb) backtrace
#0  in_zone (zone=0x0, name=0x456008 "my.domain.tld", cut=0x0) at auth.c:60
#1  0x00438784 in answer_auth (header=0x459000, limit=0x45a000 "", qlen=90,
     now=1428682071, peer_addr=0x7fff6840, local_query=1) at auth.c:220
#2  0x00417778 in receive_query (listen=0x458878, now=1428682071)
     at forward.c:1339
#3  0x0041bf38 in check_dns_listeners (set=0x7fff69fc, now=1428682071)
     at dnsmasq.c:1547
#4  0x0041f240 in main (argc=<optimized out>, argv=<optimized out>)
     at dnsmasq.c:1031
---
  src/auth.c | 5 +++--
  1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/auth.c b/src/auth.c
index 15721e5..ccfdc19 100644
--- a/src/auth.c
+++ b/src/auth.c
@@ -186,7 +186,7 @@ size_t answer_auth(struct dns_header *header, char 
*limit, size_t qlen, time_t n

        if (intr)
          {
-          if (in_zone(zone, intr->name, NULL))
+          if (local_query || in_zone(zone, intr->name, NULL))
          {
            found = 1;
            log_query(flag | F_REVERSE | F_CONFIG, intr->name, &addr, NULL);
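
Review bot: the new condition on the `in_zone(zone, intr->name, NULL)` call tests local_query, but the hazard in the backtrace is zone being NULL (in_zone is entered with zone=0x0 and dereferences zone->domain at auth.c:60). Using local_query as the guard relies on an unstated invariant that zone is non-NULL whenever local_query is 0, and it also skips the zone match for every local query, including ones where a zone was found. Consider testing the pointer directly, for example `if (!zone || in_zone(zone, intr->name, NULL))`, or returning early from in_zone when zone is NULL, and add a comment saying why a local query may have no zone.
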
@@ -209,6 +209,7 @@ size_t answer_auth(struct dns_header *header, char 
*limit, size_t qlen, time_t n

            /* add  external domain */
            strcat(name, ".");
+          /* FIXME: zone is NULL when local_query == 1 */
            strcat(name, zone->domain);
            log_query(flag | F_DHCP | F_REVERSE, name, &addr, 
record_source(crecp->uid));
            found = 1;
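
Review bot: the added FIXME above `strcat(name, zone->domain);` records a NULL dereference without removing it, so this branch can still crash on the path the comment describes (zone is NULL when local_query == 1). Guard the append, for example by only adding the external domain when zone is non-NULL, or make the branch unreachable for local queries and say so in the comment. The two strcat calls into name also have no length check visible in this hunk; if the buffer size is enforced elsewhere, a short comment pointing to it would help.
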
@@ -217,7 +218,7 @@ size_t answer_auth(struct dns_header *header, char 
*limit, size_t qlen, time_t n
                        T_PTR, C_IN, "d", name))
              anscount++;
          }
-          else if (crecp->flags & (F_DHCP | F_HOSTS) && in_zone(zone, 
name, NULL))
+          else if (crecp->flags & (F_DHCP | F_HOSTS) && (local_query || 
in_zone(zone, name, NULL)))
          {
            log_query(crecp->flags & ~F_FORWARD, name, &addr, 
record_source(crecp->uid));
            found = 1;
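
Review bot: in the rewritten `else if`, the flag test `crecp->flags & (F_DHCP | F_HOSTS)` sits unparenthesized next to `&&` and the new `(local_query || in_zone(...))` group; it parses as intended, but wrapping the bitwise test in its own parentheses makes that obvious and avoids compiler warnings. The `local_query || in_zone(zone, ...)` guard is now repeated from the first hunk, so a NULL check inside in_zone, or a small helper that both call sites use, would keep the two in step and protect any later caller that passes a NULL zone.
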
-- 
2.3.5


