[Dnsmasq-discuss] [PATCH] auth: Fix segfault when querying ptr locally on ip6.arpa auth-zone

Simon Kelley simon at thekelleys.org.uk
Thu Apr 16 15:18:47 BST 2015



On 13/04/15 14:24, Johnny S. Lee wrote:
> But if I removed the line
>> auth-zone=z.0.0.0.y.0.0.0.x.0.0.0.w.0.0.0.ip6.arpa
> there would be no SOA and NS records when I run dig +trace soa
> z.0.0.0.y.0.0.0.x.0.0.0.w.0.0.0.ip6.arpa

That's true, but it's an oversight/bug, not something that should need
another line of config. The existing code provides NS and SOA answers
as appropriate to PTR queries within
z.0.0.0.y.0.0.0.x.0.0.0.w.0.0.0.ip6.arpa but it erroneously doesn't
answer direct NS and SOA queries. (It does for my.domain.tld)

I just checked-in a change to fix this.

Cheers,

Simon.


> 
> On Mon, Apr 13, 2015 at 4:41 AM, Simon Kelley
> <simon at thekelleys.org.uk> wrote:
> On 10/04/15 23:51, Johnny S. Lee wrote:
>>>> Just a quick fix on obvious calls with NULL pointer. Not sure
>>>> if I'm doing it correctly. At least it won't crash anymore
>>>> with my config:
>>>> 
>>>> auth-server=my.domain.tld,ethN 
>>>> auth-zone=my.domain.tld,a.b.c.d/32,w:x:y:z::/64 
>>>> auth-zone=z.0.0.0.y.0.0.0.x.0.0.0.w.0.0.0.ip6.arpa
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> 
> This line is superfluous, and the direct cause of the problem
> you're seeing, the w:x:y:z::/64 in the line above automatically
> makes
> 
> z.0.0.0.y.0.0.0.x.0.0.0.w.0.0.0.ip6.arpa
> 
> an authoritative zone, there's no need to declare it as such.
> 
> The crash is real, and needs to be fixed: the code fails to
> account for someone configuring it like you did, because it's
> not how it was intended to be configured, I guess. I've applied the
> patch, or something like it. In the meantime, just deleting that
> line will make dnsmasq, as released, not crash.
> 
> 
> Thanks for the bug report.
> 
> 
> Cheers,
> 
> Simon.
> 
> 
> 
>>>> 
>>>> Debug against ad4a8ff7d9097008d7623df8543df435bfddeac8, when
>>>> running the following on a machine in local network: dig ptr
>>>> 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.z.0.0.0.y.0.0.0.x.0.0.0.w.0.0.0.ip6.arpa
>>>>
> (note: I have a host record of that address in a hosts file)
>>>> 
>>>> Program received signal SIGSEGV, Segmentation fault.
>>>> in_zone (zone=0x0, name=0x456008 "my.domain.tld", cut=0x0) at auth.c:60
>>>> 60 size_t domainlen = strlen(zone->domain);
>>>> in auth.c
>>>> (gdb) backtrace
>>>> #0  in_zone (zone=0x0, name=0x456008 "my.domain.tld", cut=0x0) at auth.c:60
>>>> #1  0x00438784 in answer_auth (header=0x459000, limit=0x45a000 "", qlen=90, now=1428682071, peer_addr=0x7fff6840, local_query=1) at auth.c:220
>>>> #2  0x00417778 in receive_query (listen=0x458878, now=1428682071) at forward.c:1339
>>>> #3  0x0041bf38 in check_dns_listeners (set=0x7fff69fc, now=1428682071) at dnsmasq.c:1547
>>>> #4  0x0041f240 in main (argc=<optimized out>, argv=<optimized out>) at dnsmasq.c:1031
>>>> --- src/auth.c | 5
>>>> +++-- 1 file changed, 3 insertions(+), 2 deletions(-)
>>>> 
>>>> diff --git a/src/auth.c b/src/auth.c index 15721e5..ccfdc19
>>>> 100644 --- a/src/auth.c +++ b/src/auth.c @@ -186,7 +186,7 @@
>>>> size_t answer_auth(struct dns_header *header, char *limit,
>>>> size_t qlen, time_t n
>>>> 
>>>> if (intr) { -          if (in_zone(zone, intr->name, NULL))
>>>> + if (local_query || in_zone(zone, intr->name, NULL)) { found
>>>> = 1; log_query(flag | F_REVERSE | F_CONFIG, intr->name,
>>>> &addr, NULL); @@ -209,6 +209,7 @@ size_t answer_auth(struct
>>>> dns_header *header, char *limit, size_t qlen, time_t n
>>>> 
>>>> /* add  external domain */ strcat(name, "."); +          /*
>>>> FIXME: zone is NULL when local_query == 1 */ strcat(name,
>>>> zone->domain); log_query(flag | F_DHCP | F_REVERSE, name,
>>>> &addr, record_source(crecp->uid)); found = 1; @@ -217,7
>>>> +218,7 @@ size_t answer_auth(struct dns_header *header, char
>>>> *limit, size_t qlen, time_t n T_PTR, C_IN, "d", name))
>>>> anscount++; } -          else if (crecp->flags & (F_DHCP |
>>>> F_HOSTS) && in_zone(zone, name, NULL)) + else if
>>>> (crecp->flags & (F_DHCP | F_HOSTS) && (local_query || 
>>>> in_zone(zone, name, NULL))) { log_query(crecp->flags &
>>>> ~F_FORWARD, name, &addr, record_source(crecp->uid)); found =
>>>> 1;
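
Review bot: In the first hunk (@@ -186,7 +186,7 @@), the new condition local_query || in_zone(zone, intr->name, NULL) avoids the crash only because || short-circuits before in_zone sees the NULL zone; whether zone is NULL is never actually tested. The backtrace shows in_zone dereferencing zone->domain at auth.c:60, so a check on zone itself, either here or at the top of in_zone, would keep this safe if zone can ever be NULL on a non-local query.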
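
Review bot: The second hunk (@@ -209,6 +209,7 @@) still runs strcat(name, zone->domain) unconditionally, and the added FIXME itself states that zone is NULL when local_query == 1, so this path remains a NULL dereference after the patch. Skip appending the external domain when zone is NULL, or guard both strcat calls with a check on zone, and drop the FIXME once the code handles the case.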
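
Review bot: In the third hunk (@@ -217,7 +218,7 @@), putting local_query || in front of in_zone(zone, name, NULL) means a local query now gets a PTR answer for any F_DHCP or F_HOSTS record with no zone check at all, while the patch description only mentions avoiding calls with a NULL pointer; the description should say whether that wider behaviour is intended. The condition also mixes & and && without parentheses around crecp->flags & (F_DHCP | F_HOSTS); it parses as intended, but the extra parentheses would make that obvious.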

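
The configuration point made in the reply above (a subnet on an auth-zone line already makes the matching ip6.arpa zone authoritative, so declaring it again is superfluous) can be checked mechanically. The following is an added example, not part of the original thread or of dnsmasq's code: the function names and the sample config are constructed, and it assumes the nibble-boundary reverse-zone derivation the thread shows for a /64, handling only IPv6 prefixes whose length is a multiple of 4.

```python
import ipaddress

# Constructed sample config: documentation prefixes stand in for the
# thread's placeholder addresses (a.b.c.d/32, w:x:y:z::/64).
SAMPLE = """\
auth-server=my.domain.tld,eth0
auth-zone=my.domain.tld,192.0.2.1/32,2001:db8:1:2::/64
auth-zone=2.0.0.0.1.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa
"""


def implied_reverse_zone(subnet):
    """Return the ip6.arpa zone name that covers an IPv6 prefix."""
    net = ipaddress.ip_network(subnet, strict=False)
    if net.version != 6 or net.prefixlen % 4:
        raise ValueError("only nibble-aligned IPv6 prefixes are handled: " + subnet)
    # One label per hex digit of the prefix, least significant digit first.
    nibbles = net.network_address.exploded.replace(":", "")[: net.prefixlen // 4]
    return ".".join(reversed(nibbles)) + ".ip6.arpa"


def redundant_reverse_zones(config_text):
    """List explicit ip6.arpa auth-zone names already implied by a subnet."""
    implied, explicit = set(), []
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments
        if not line.startswith("auth-zone="):
            continue
        fields = [f.strip() for f in line[len("auth-zone="):].split(",")]
        domain = fields[0].lower().rstrip(".")
        if domain.endswith(".ip6.arpa"):
            explicit.append(domain)
        for subnet in fields[1:]:
            try:
                implied.add(implied_reverse_zone(subnet))
            except ValueError:
                continue  # IPv4, interface names, unaligned prefixes: out of scope
    # Compare after the full pass so the order of the config lines does not matter.
    return [zone for zone in explicit if zone in implied]


if __name__ == "__main__":
    for zone in redundant_reverse_zones(SAMPLE):
        print("superfluous auth-zone line for", zone)
```
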


