From 1bda8c253e854100b8e1674ef53fc53c2bc68271 Mon Sep 17 00:00:00 2001 From: Remi Gacogne Date: Wed, 30 Jun 2021 18:16:36 +0200 Subject: [PATCH] dnsdist: Only try to execute a faulty Lua FFI per-thread code once --- pdns/dnsdist-lua-actions.cc | 30 ++++++++++++++++++++++++------ pdns/dnsdistdist/dnsdist-rules.hh | 15 ++++++++++++--- 2 files changed, 36 insertions(+), 9 deletions(-) diff --git a/pdns/dnsdist-lua-actions.cc b/pdns/dnsdist-lua-actions.cc index f83d9a9ab7..aadaa3c008 100644 --- a/pdns/dnsdist-lua-actions.cc +++ b/pdns/dnsdist-lua-actions.cc @@ -504,8 +504,15 @@ public: auto& state = t_perThreadStates[d_functionID]; if (!state.d_initialized) { setupLuaFFIPerThreadContext(state.d_luaContext); - state.d_func = state.d_luaContext.executeCode(d_functionCode); + /* mark the state as initialized first so if there is a syntax error + we only try to execute the code once */ state.d_initialized = true; + state.d_func = state.d_luaContext.executeCode(d_functionCode); + } + + if (!state.d_func) { + /* the function was not properly initialized */ + return DNSAction::Action::None; } dnsdist_ffi_dnsquestion_t dqffi(dq); @@ -520,9 +527,11 @@ public: } } return static_cast(ret); - } catch (const std::exception &e) { + } + catch (const std::exception &e) { warnlog("LuaFFIPerThreadAction failed inside Lua, returning ServFail: %s", e.what()); - } catch (...) { + } + catch (...) { warnlog("LuaFFIPerthreadAction failed inside Lua, returning ServFail: [unknown exception]"); } return DNSAction::Action::ServFail; @@ -616,8 +625,15 @@ public: auto& state = t_perThreadStates[d_functionID]; if (!state.d_initialized) { setupLuaFFIPerThreadContext(state.d_luaContext); - state.d_func = state.d_luaContext.executeCode(d_functionCode); + /* mark the state as initialized first so if there is a syntax error + we only try to execute the code once */ state.d_initialized = true; + state.d_func = state.d_luaContext.executeCode(d_functionCode); + } + + if (!state.d_func) { + /* the function was not properly initialized */ + return DNSResponseAction::Action::None; } dnsdist_ffi_dnsquestion_t dqffi(dq); @@ -632,9 +648,11 @@ public: } } return static_cast(ret); - } catch (const std::exception &e) { + } + catch (const std::exception &e) { warnlog("LuaFFIPerThreadResponseAction failed inside Lua, returning ServFail: %s", e.what()); - } catch (...) { + } + catch (...) { warnlog("LuaFFIPerthreadResponseAction failed inside Lua, returning ServFail: [unknown exception]"); } return DNSResponseAction::Action::ServFail; diff --git a/pdns/dnsdistdist/dnsdist-rules.hh b/pdns/dnsdistdist/dnsdist-rules.hh index bbbcabe0a9..2c3960df1b 100644 --- a/pdns/dnsdistdist/dnsdist-rules.hh +++ b/pdns/dnsdistdist/dnsdist-rules.hh @@ -1193,15 +1193,24 @@ public: auto& state = t_perThreadStates[d_functionID]; if (!state.d_initialized) { setupLuaFFIPerThreadContext(state.d_luaContext); - state.d_func = state.d_luaContext.executeCode(d_functionCode); + /* mark the state as initialized first so if there is a syntax error + we only try to execute the code once */ state.d_initialized = true; + state.d_func = state.d_luaContext.executeCode(d_functionCode); + } + + if (!state.d_func) { + /* the function was not properly initialized */ + return false; } dnsdist_ffi_dnsquestion_t dqffi(const_cast(dq)); return state.d_func(&dqffi); - } catch (const std::exception &e) { + } + catch (const std::exception &e) { warnlog("LuaFFIPerthreadRule failed inside Lua: %s", e.what()); - } catch (...) { + } + catch (...) { warnlog("LuaFFIPerThreadRule failed inside Lua: [unknown exception]"); } return false; -- 2.47.2