From: Remi Gacogne Date: Wed, 30 Apr 2025 14:51:04 +0000 (+0200) Subject: dnsdist: Fix memory corruption when using `getAddressInfo` X-Git-Tag: dnsdist-2.0.0-alpha2~34^2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=fdfda2cc394e49c83b36536e14c91f165fef5a5d;p=thirdparty%2Fpdns.git dnsdist: Fix memory corruption when using `getAddressInfo` The object holding the callback function, which is translated into a `LuaContext::LuaFunctionCaller`, needs to be destroyed while holding the Lua mutex because it will unregister itself from the Lua context, causing a corruption if a different thread is accessing the Lua context at the same time. --- diff --git a/pdns/dnsdistdist/dnsdist-lua-bindings.cc b/pdns/dnsdistdist/dnsdist-lua-bindings.cc index a0e4ed0d66..abc80f7d1b 100644 --- a/pdns/dnsdistdist/dnsdist-lua-bindings.cc +++ b/pdns/dnsdistdist/dnsdist-lua-bindings.cc @@ -869,7 +869,7 @@ void setupLuaBindings(LuaContext& luaCtx, bool client, bool configCheck) if (client || configCheck) { return; } - std::thread newThread(dnsdist::resolver::asynchronousResolver, std::move(hostname), [callback = std::move(callback)](const std::string& resolvedHostname, std::vector& ips) { + std::thread newThread(dnsdist::resolver::asynchronousResolver, std::move(hostname), [callback = std::move(callback)](const std::string& resolvedHostname, std::vector& ips) mutable { LuaArray result; result.reserve(ips.size()); for (const auto& entry : ips) { @@ -877,7 +877,15 @@ void setupLuaBindings(LuaContext& luaCtx, bool client, bool configCheck) } { auto lua = g_lua.lock(); - callback(resolvedHostname, result); + try { + callback(resolvedHostname, result); + } + catch (const std::exception& exp) { + vinfolog("Error during execution of getAddressInfo callback: %s", exp.what()); + } + // this _needs_ to be done while we are holding the lock, + // otherwise the destructor will corrupt the stack + callback = nullptr; dnsdist::handleQueuedAsynchronousEvents(); } });