From: bert hubert <bert.hubert@netherlabs.nl>
Date: Mon, 29 Feb 2016 09:45:33 +0000 (+0100)
Subject: catch DNSName exceptions in responder thread, possibly preventing death of dnsdist
X-Git-Tag: rec-4.0.0-alpha2~33^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d08b1cdf58d022f21e520ec34481e3befa6bdd93;p=thirdparty%2Fpdns.git

catch DNSName exceptions in responder thread, possibly preventing death of dnsdist
---

diff --git a/pdns/dnsdist.cc b/pdns/dnsdist.cc
index ae636aa690..137c3d6c29 100644
--- a/pdns/dnsdist.cc
+++ b/pdns/dnsdist.cc
@@ -202,7 +202,16 @@ void* responderThread(std::shared_ptr<DownstreamState> state)
     */
     ids->age = 0;
     unsigned int consumed;
-    DNSName qname(packet, responseLen, sizeof(dnsheader), false, &qtype, &qclass, &consumed);
+    DNSName qname;
+    try {
+      // XXX will this move?
+      qname=DNSName(packet, responseLen, sizeof(dnsheader), false, &qtype, &qclass, &consumed);
+    }
+    catch(std::exception& e) {
+      infolog("Backend %s sent us a response that did not parse: %s", state->remote.toStringWithPort(), e.what());
+      g_stats.nonCompliantResponses++;
+      continue;
+    }
     if (qtype != ids->qtype || qclass != ids->qclass || qname != ids->qname)
       continue;
 
@@ -537,6 +546,7 @@ const NumberedServerVector& getDownstreamCandidates(const pools_t& pools, const
 
 // goal in life - if you send us a reasonably normal packet, we'll get Z for you, otherwise 0
 int getEDNSZ(const char* packet, unsigned int len)
+try
 {
   struct dnsheader* dh =(struct dnsheader*)packet;
 
@@ -562,6 +572,10 @@ int getEDNSZ(const char* packet, unsigned int len)
   uint8_t* z = (uint8_t*)packet+sizeof(dnsheader)+pos+consumed+DNS_TYPE_SIZE+DNS_CLASS_SIZE+EDNS_EXTENDED_RCODE_SIZE+EDNS_VERSION_SIZE;
   return 0x100 * (*z) + *(z+1);
 }
+catch(...)
+{
+  return 0;
+}
 
 void spoofResponseFromString(DNSQuestion& dq, const string& spoofContent)
 {
diff --git a/pdns/dnsdist.hh b/pdns/dnsdist.hh
index 61ef35daf1..0d5b8f7ab8 100644
--- a/pdns/dnsdist.hh
+++ b/pdns/dnsdist.hh
@@ -42,6 +42,7 @@ struct DNSDistStats
   stat_t servfailResponses{0};
   stat_t queries{0};
   stat_t nonCompliantQueries{0};
+  stat_t nonCompliantResponses{0};
   stat_t rdQueries{0};
   stat_t emptyQueries{0};
   stat_t aclDrops{0};
@@ -76,6 +77,7 @@ struct DNSDistStats
     {"uptime", uptimeOfProcess},
     {"real-memory-usage", getRealMemoryUsage},
     {"noncompliant-queries", &nonCompliantQueries},
+    {"noncompliant-responses", &nonCompliantResponses},
     {"rdqueries", &rdQueries},
     {"empty-queries", &emptyQueries},
     {"cache-hits", &cacheHits},