From ff87855febdb76b3a7f2e931ed9a68b0eeafc18a Mon Sep 17 00:00:00 2001 From: Remi Gacogne Date: Wed, 15 Dec 2021 16:31:06 +0100 Subject: [PATCH] dnsdist: Make sure we do not throw from the Lua FFI interface --- pdns/dnsdistdist/dnsdist-lua-ffi.cc | 51 ++++++++++++++++++----------- 1 file changed, 31 insertions(+), 20 deletions(-) diff --git a/pdns/dnsdistdist/dnsdist-lua-ffi.cc b/pdns/dnsdistdist/dnsdist-lua-ffi.cc index 3e455b3baa..163c88fc19 100644 --- a/pdns/dnsdistdist/dnsdist-lua-ffi.cc +++ b/pdns/dnsdistdist/dnsdist-lua-ffi.cc @@ -23,6 +23,7 @@ #include "dnsdist-lua-ffi.hh" #include "dnsdist-lua.hh" #include "dnsdist-ecs.hh" +#include "dolog.hh" uint16_t dnsdist_ffi_dnsquestion_get_qtype(const dnsdist_ffi_dnsquestion_t* dq) { @@ -601,30 +602,40 @@ void setupLuaFFIPerThreadContext(LuaContext& luaCtx) size_t dnsdist_ffi_generate_proxy_protocol_payload(const size_t addrSize, const void* srcAddr, const void* dstAddr, const uint16_t srcPort, const uint16_t dstPort, const bool tcp, const size_t valuesCount, const dnsdist_ffi_proxy_protocol_value* values, void* out, const size_t outSize) { - ComboAddress src, dst; - if (addrSize != sizeof(src.sin4.sin_addr) && addrSize != sizeof(src.sin6.sin6_addr.s6_addr)) { - return 0; - } + try { + ComboAddress src, dst; + if (addrSize != sizeof(src.sin4.sin_addr) && addrSize != sizeof(src.sin6.sin6_addr.s6_addr)) { + return 0; + } - src = makeComboAddressFromRaw(addrSize == sizeof(src.sin4.sin_addr) ? 4 : 6, reinterpret_cast(srcAddr), addrSize); - src.sin4.sin_port = htons(srcPort); - dst = makeComboAddressFromRaw(addrSize == sizeof(dst.sin4.sin_addr) ? 4 : 6, reinterpret_cast(dstAddr), addrSize); - dst.sin4.sin_port = htons(dstPort); + src = makeComboAddressFromRaw(addrSize == sizeof(src.sin4.sin_addr) ? 4 : 6, reinterpret_cast(srcAddr), addrSize); + src.sin4.sin_port = htons(srcPort); + dst = makeComboAddressFromRaw(addrSize == sizeof(dst.sin4.sin_addr) ? 4 : 6, reinterpret_cast(dstAddr), addrSize); + dst.sin4.sin_port = htons(dstPort); + + std::vector valuesVect; + if (valuesCount > 0) { + valuesVect.reserve(valuesCount); + for (size_t idx = 0; idx < valuesCount; idx++) { + valuesVect.push_back({ std::string(values[idx].value, values[idx].size), values[idx].type }); + } + } - std::vector valuesVect; - if (valuesCount > 0) { - valuesVect.reserve(valuesCount); - for (size_t idx = 0; idx < valuesCount; idx++) { - valuesVect.push_back({ std::string(values[idx].value, values[idx].size), values[idx].type }); + std::string payload = makeProxyHeader(tcp, src, dst, valuesVect); + if (payload.size() > outSize) { + return 0; } - } - std::string payload = makeProxyHeader(tcp, src, dst, valuesVect); - if (payload.size() > outSize) { + memcpy(out, payload.c_str(), payload.size()); + + return payload.size(); + } + catch (const std::exception& e) { + vinfolog("Exception in dnsdist_ffi_generate_proxy_protocol_payload: %s", e.what()); + return 0; + } + catch (...) { + vinfolog("Unhandled exception in dnsdist_ffi_generate_proxy_protocol_payload"); return 0; } - - memcpy(out, payload.c_str(), payload.size()); - - return payload.size(); } -- 2.47.2