From 07149f576a223431b6d831798cfbe40910931afc Mon Sep 17 00:00:00 2001
From: George Thessalonikefs <yorgos@nlnetlabs.nl>
Date: Fri, 13 Oct 2023 14:58:16 +0200
Subject: [PATCH] - Better fix for infinite loop when reading multiple lines of
 input on   a broken remote control socket, by treating a zero byte line the  
 same as transmission end. Addesses #947 and #948.

---
 daemon/remote.c | 20 ++++++++++----------
 doc/Changelog   |  5 +++++
 2 files changed, 15 insertions(+), 10 deletions(-)

diff --git a/daemon/remote.c b/daemon/remote.c
index 0460d5308..235f96c7f 100644
--- a/daemon/remote.c
+++ b/daemon/remote.c
@@ -590,13 +590,13 @@ ssl_read_line(RES* res, char* buf, size_t max)
 			while(1) {
 				ssize_t rr = recv(res->fd, buf+len, 1, 0);
 				if(rr <= 0) {
-					if(rr == 0 && len != 0) {
+					if(rr == 0) {
 						buf[len] = 0;
 						return 1;
 					}
 					if(errno == EINTR || errno == EAGAIN)
 						continue;
-					log_err("could not recv: %s",
+					if(rr < 0) log_err("could not recv: %s",
 						sock_strerror(errno));
 					return 0;
 				}
@@ -1223,8 +1223,8 @@ do_zones_add(RES* ssl, struct local_zones* zones)
 	char buf[2048];
 	int num = 0;
 	while(ssl_read_line(ssl, buf, sizeof(buf))) {
-		if(buf[0] == 0x04 && buf[1] == 0)
-			break; /* end of transmission */
+		if(buf[0] == 0 || (buf[0] == 0x04 && buf[1] == 0))
+			break; /* zero byte line or end of transmission */
 		if(!perform_zone_add(ssl, zones, buf)) {
 			if(!ssl_printf(ssl, "error for input line: %s\n", buf))
 				return;
@@ -1272,8 +1272,8 @@ do_zones_remove(RES* ssl, struct local_zones* zones)
 	char buf[2048];
 	int num = 0;
 	while(ssl_read_line(ssl, buf, sizeof(buf))) {
-		if(buf[0] == 0x04 && buf[1] == 0)
-			break; /* end of transmission */
+		if(buf[0] == 0 || (buf[0] == 0x04 && buf[1] == 0))
+			break; /* zero byte line or end of transmission */
 		if(!perform_zone_remove(ssl, zones, buf)) {
 			if(!ssl_printf(ssl, "error for input line: %s\n", buf))
 				return;
@@ -1336,8 +1336,8 @@ do_datas_add(RES* ssl, struct local_zones* zones)
 	char buf[2048];
 	int num = 0, line = 0;
 	while(ssl_read_line(ssl, buf, sizeof(buf))) {
-		if(buf[0] == 0x04 && buf[1] == 0)
-			break; /* end of transmission */
+		if(buf[0] == 0 || (buf[0] == 0x04 && buf[1] == 0))
+			break; /* zero byte line or end of transmission */
 		line++;
 		if(perform_data_add(ssl, zones, buf, line))
 			num++;
@@ -1376,8 +1376,8 @@ do_datas_remove(RES* ssl, struct local_zones* zones)
 	char buf[2048];
 	int num = 0;
 	while(ssl_read_line(ssl, buf, sizeof(buf))) {
-		if(buf[0] == 0x04 && buf[1] == 0)
-			break; /* end of transmission */
+		if(buf[0] == 0 || (buf[0] == 0x04 && buf[1] == 0))
+			break; /* zero byte line or end of transmission */
 		if(!perform_data_remove(ssl, zones, buf)) {
 			if(!ssl_printf(ssl, "error for input line: %s\n", buf))
 				return;
diff --git a/doc/Changelog b/doc/Changelog
index 14fe19acd..eb2dae2ad 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,3 +1,8 @@
+13 October 2023: George
+	- Better fix for infinite loop when reading multiple lines of input on
+	  a broken remote control socket, by treating a zero byte line the
+	  same as transmission end. Addesses #947 and #948.
+
 12 October 2023: Wouter
 	- Merge #944: Disable EDNS DO.
 	  Disable the EDNS DO flag in upstream requests. This can be helpful
-- 
2.47.3