From: Otto <otto.moerbeek@open-xchange.com>
Date: Mon, 29 Mar 2021 08:40:37 +0000 (+0200)
Subject: More fail-safe handling of NOD files
X-Git-Tag: dnsdist-1.6.0-rc1~46^2~4
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7b4cc738ffaaec7173f39fc140799f2200d93e61;p=thirdparty%2Fpdns.git

More fail-safe handling of NOD files
---

diff --git a/pdns/nod.cc b/pdns/nod.cc
index 0605c51358..cc0b2761e2 100644
--- a/pdns/nod.cc
+++ b/pdns/nod.cc
@@ -86,7 +86,9 @@ bool PersistentSBF::init(bool ignore_pid) {
             remove(newest_file);
           }
           catch (const std::runtime_error& e) {
-            g_log<<Logger::Warning<<"NODDB init: Cannot parse file: " << filename << endl;
+            infile.close();
+            remove(newest_file);
+            g_log<<Logger::Warning<<"NODDB init: Cannot parse file: " << filename << ": " << e.what() << "; removed" << endl;
           }
         }
       }
@@ -124,11 +126,13 @@ bool PersistentSBF::snapshotCurrent(std::thread::id tid)
     std::stringstream ss;
     ss << d_prefix << "_" << tid;
     f /= ss.str() + "_" + std::to_string(getpid()) + "." + bf_suffix;
+    path ftmp = f;
+    ftmp += ".tmp";
     if (exists(p) && is_directory(p)) {
       try {
         std::ofstream ofile;
         std::stringstream iss;
-        ofile.open(f.string(), std::ios::out | std::ios::binary);
+        ofile.open(ftmp.string(), std::ios::out | std::ios::binary);
         {
           // only lock while dumping to a stringstream
           std::lock_guard<std::mutex> lock(d_sbf_mutex);
@@ -137,8 +141,13 @@ bool PersistentSBF::snapshotCurrent(std::thread::id tid)
         // Now write it out to the file
         ofile << iss.str();
 
-        if (ofile.fail())
-          throw std::runtime_error("Failed to write to file:" + f.string());
+        if (ofile.fail()) {
+          ofile.close();
+          remove(ftmp);
+          throw std::runtime_error("Failed to write to file:" + ftmp.string());
+        }
+        ofile.close();
+        rename(ftmp, f);
         return true;
       }
       catch (const std::runtime_error& e) {
diff --git a/pdns/recursordist/stable-bloom.hh b/pdns/recursordist/stable-bloom.hh
index e15723589a..a6cc5720f6 100644
--- a/pdns/recursordist/stable-bloom.hh
+++ b/pdns/recursordist/stable-bloom.hh
@@ -106,13 +106,28 @@ public:
     uint8_t k, p;
     uint32_t num_cells, bitstr_len;
     is.read((char*)&k, sizeof(k));
+    if (is.fail()) {
+      throw std::runtime_error("SBF: read failed (file too short?)");
+    }
     is.read((char*)&num_cells, sizeof(num_cells));
+    if (is.fail()) {
+      throw std::runtime_error("SBF: read failed (file too short?)");
+    }
     num_cells = ntohl(num_cells);
     is.read((char*)&p, sizeof(p));
+    if (is.fail()) {
+      throw std::runtime_error("SBF: read failed (file too short?)");
+    }
     is.read((char*)&bitstr_len, sizeof(bitstr_len));
+    if (is.fail()) {
+      throw std::runtime_error("SBF: read failed (file too short?)");
+    }
     bitstr_len = ntohl(bitstr_len);
     char* bitcstr = new char[bitstr_len];
     is.read((char*)bitcstr, bitstr_len);
+    if (is.fail()) {
+      throw std::runtime_error("SBF: read failed (file too short?)");
+    }
     std::string bitstr(bitcstr, bitstr_len);
     delete[] bitcstr;
     stableBF tempbf(k, num_cells, p, bitstr);