auth: fix possibe crash in getAllDomains()

author Kees Monshouwer <mind04@monshouwer.org>

Wed, 26 May 2021 18:41:08 +0000 (20:41 +0200)

committer mind04 <mind04@monshouwer.org>

Mon, 31 May 2021 11:05:21 +0000 (13:05 +0200)
author Kees Monshouwer <mind04@monshouwer.org>
Wed, 26 May 2021 18:41:08 +0000 (20:41 +0200)
committer mind04 <mind04@monshouwer.org>
Mon, 31 May 2021 11:05:21 +0000 (13:05 +0200)
diff --git a/modules/tinydnsbackend/tinydnsbackend.cc b/modules/tinydnsbackend/tinydnsbackend.cc

index 96b076cf7e86bb2415ae13d9af246326644573d4..0dbcf85d16541aa7507a4ba9e41026c40a404beb 100644 (file)
--- a/modules/tinydnsbackend/tinydnsbackend.cc
+++ b/modules/tinydnsbackend/tinydnsbackend.cc
@@ -156,6 +156,7 @@ void TinyDNSBackend::setNotified(uint32_t id, uint32_t serial)
  void TinyDNSBackend::getAllDomains(vector<DomainInfo>* domains, bool include_disabled)
  {
    d_isAxfr = true;
+  d_isGetDomains = true;
    d_dnspacket = NULL;
  
    try {
@@ -191,6 +192,7 @@ void TinyDNSBackend::getAllDomains(vector<DomainInfo>* domains, bool include_dis
  bool TinyDNSBackend::list(const DNSName& target, int domain_id, bool include_disabled)
  {
    d_isAxfr = true;
+  d_isGetDomains = false;
    string key = target.toDNSStringLC();
    try {
      d_cdbReader = std::unique_ptr<CDB>(new CDB(getArg("dbfile")));
@@ -206,6 +208,7 @@ bool TinyDNSBackend::list(const DNSName& target, int domain_id, bool include_dis
  void TinyDNSBackend::lookup(const QType& qtype, const DNSName& qdomain, int zoneId, DNSPacket* pkt_p)
  {
    d_isAxfr = false;
+  d_isGetDomains = false;
    string queryDomain = toLowerCanonic(qdomain.toString());
  
    string key = simpleCompress(queryDomain);
@@ -262,6 +265,10 @@ bool TinyDNSBackend::get(DNSResourceRecord& rr)
      PacketReader pr(val, 0);
      rr.qtype = QType(pr.get16BitInt());
  
+    if (d_isGetDomains && rr.qtype != QType::SOA) {
+      continue;
+    }
+
      if (d_isAxfr || d_qtype.getCode() == QType::ANY || rr.qtype == d_qtype) {
        char locwild = pr.get8BitInt();
        if (locwild != '\075' && (locwild == '\076' || locwild == '\053')) {
@@ -333,7 +340,7 @@ bool TinyDNSBackend::get(DNSResourceRecord& rr)
        }
        catch (...) {
          g_log << Logger::Error << backendname << "Failed to parse record content for " << rr.qname << " with type " << rr.qtype.toString();
-        if (d_ignorebogus) {
+        if (d_ignorebogus || d_isGetDomains) {
            g_log << ". Ignoring!" << endl;
            continue;
          }
diff --git a/modules/tinydnsbackend/tinydnsbackend.hh b/modules/tinydnsbackend/tinydnsbackend.hh

index a058af7a41bb0a3b8b685db6a5175939b6a51205..efcb2436a4e88ee11963b99fb89de0face651d92 100644 (file)
--- a/modules/tinydnsbackend/tinydnsbackend.hh
+++ b/modules/tinydnsbackend/tinydnsbackend.hh
@@ -104,6 +104,7 @@ private:
    DNSPacket* d_dnspacket; // used for location and edns-client support.
    bool d_isWildcardQuery; // Indicate if the query received was a wildcard query.
    bool d_isAxfr; // Indicate if we received a list() and not a lookup().
+  bool d_isGetDomains{false};
    bool d_locations;
    bool d_ignorebogus;
    string d_suffix;
author	Kees Monshouwer <mind04@monshouwer.org>
	Wed, 26 May 2021 18:41:08 +0000 (20:41 +0200)
committer	mind04 <mind04@monshouwer.org>
	Mon, 31 May 2021 11:05:21 +0000 (13:05 +0200)
modules/tinydnsbackend/tinydnsbackend.cc		patch \| blob \| blame \| history
modules/tinydnsbackend/tinydnsbackend.hh		patch \| blob \| blame \| history