From: Remi Gacogne Date: Wed, 30 Apr 2025 14:51:04 +0000 (+0200) Subject: dnsdist: Fix memory corruption when using `getAddressInfo` X-Git-Tag: dnsdist-1.9.10~5^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F15519%2Fhead;p=thirdparty%2Fpdns.git dnsdist: Fix memory corruption when using `getAddressInfo` The object holding the callback function, which is translated into a `LuaContext::LuaFunctionCaller`, needs to be destroyed while holding the Lua mutex because it will unregister itself from the Lua context, causing a corruption if a different thread is accessing the Lua context at the same time. (cherry picked from commit fdfda2cc394e49c83b36536e14c91f165fef5a5d) --- diff --git a/pdns/dnsdist-lua-bindings.cc b/pdns/dnsdist-lua-bindings.cc index ffed8f0bc1..48673e81dc 100644 --- a/pdns/dnsdist-lua-bindings.cc +++ b/pdns/dnsdist-lua-bindings.cc @@ -845,7 +845,7 @@ void setupLuaBindings(LuaContext& luaCtx, bool client, bool configCheck) if (client || configCheck) { return; } - std::thread newThread(dnsdist::resolver::asynchronousResolver, std::move(hostname), [callback=std::move(callback)](const std::string& resolvedHostname, std::vector& ips) { + std::thread newThread(dnsdist::resolver::asynchronousResolver, std::move(hostname), [callback = std::move(callback)](const std::string& resolvedHostname, std::vector& ips) mutable { LuaArray result; result.reserve(ips.size()); for (const auto& entry : ips) { @@ -853,7 +853,15 @@ void setupLuaBindings(LuaContext& luaCtx, bool client, bool configCheck) } { auto lua = g_lua.lock(); - callback(resolvedHostname, result); + try { + callback(resolvedHostname, result); + } + catch (const std::exception& exp) { + vinfolog("Error during execution of getAddressInfo callback: %s", exp.what()); + } + // this _needs_ to be done while we are holding the lock, + // otherwise the destructor will corrupt the stack + callback = nullptr; dnsdist::handleQueuedAsynchronousEvents(); } });