From 23a3bc71f29e1090cb5fcab14b4405555657348c Mon Sep 17 00:00:00 2001 From: Remi Gacogne Date: Fri, 12 Nov 2021 15:59:45 +0100 Subject: [PATCH] dnsdist: Clean up parameter types in Lua bindings --- pdns/dnsdist-lua-bindings-dnsquestion.cc | 27 +++++--- pdns/dnsdist-lua-bindings.cc | 6 +- pdns/dnsdist-lua-rules.cc | 4 +- pdns/dnsdist-lua.cc | 86 +++++++++++++----------- pdns/dnsdist-lua.hh | 3 +- pdns/dnsdist-web.cc | 8 +-- pdns/dnsdistdist/dnsdist-web.hh | 2 +- pdns/dnsdistdist/test-dnsdistrules_cc.cc | 8 +++ 8 files changed, 85 insertions(+), 59 deletions(-) diff --git a/pdns/dnsdist-lua-bindings-dnsquestion.cc b/pdns/dnsdist-lua-bindings-dnsquestion.cc index 9d2033139c..2baa1c9bdc 100644 --- a/pdns/dnsdist-lua-bindings-dnsquestion.cc +++ b/pdns/dnsdist-lua-bindings-dnsquestion.cc @@ -114,7 +114,7 @@ void setupLuaBindingsDNSQuestion(LuaContext& luaCtx) return *dq.qTag; }); - luaCtx.registerFunction>)>("setProxyProtocolValues", [](DNSQuestion& dq, const std::vector>& values) { + luaCtx.registerFunction>)>("setProxyProtocolValues", [](DNSQuestion& dq, const std::vector>& values) { if (!dq.proxyProtocolValues) { dq.proxyProtocolValues = make_unique>(); } @@ -122,24 +122,26 @@ void setupLuaBindingsDNSQuestion(LuaContext& luaCtx) dq.proxyProtocolValues->clear(); dq.proxyProtocolValues->reserve(values.size()); for (const auto& value : values) { - dq.proxyProtocolValues->push_back({value.second, value.first}); + checkParameterBound("setProxyProtocolValues", value.first, std::numeric_limits::max()); + dq.proxyProtocolValues->push_back({value.second, static_cast(value.first)}); } }); - luaCtx.registerFunction("addProxyProtocolValue", [](DNSQuestion& dq, uint8_t type, std::string value) { + luaCtx.registerFunction("addProxyProtocolValue", [](DNSQuestion& dq, uint64_t type, std::string value) { + checkParameterBound("addProxyProtocolValue", type, std::numeric_limits::max()); if (!dq.proxyProtocolValues) { dq.proxyProtocolValues = make_unique>(); } - dq.proxyProtocolValues->push_back({value, type}); + dq.proxyProtocolValues->push_back({value, static_cast(type)}); }); - luaCtx.registerFunction>(DNSQuestion::*)()>("getProxyProtocolValues", [](const DNSQuestion& dq) { + luaCtx.registerFunction>(DNSQuestion::*)()>("getProxyProtocolValues", [](const DNSQuestion& dq) { if (!dq.proxyProtocolValues) { - return std::vector>(); + return std::vector>(); } - std::vector> result; + std::vector> result; result.resize(dq.proxyProtocolValues->size()); for (const auto& value : *dq.proxyProtocolValues) { result.push_back({ value.type, value.content }); @@ -285,16 +287,23 @@ void setupLuaBindingsDNSQuestion(LuaContext& luaCtx) return dq.du->getHTTPHeaders(); }); - luaCtx.registerFunction contentType)>("setHTTPResponse", [](DNSQuestion& dq, uint16_t statusCode, const std::string& body, const boost::optional contentType) { + luaCtx.registerFunction contentType)>("setHTTPResponse", [](DNSQuestion& dq, uint64_t statusCode, const std::string& body, const boost::optional contentType) { if (dq.du == nullptr) { return; } + checkParameterBound("DNSQuestion::setHTTPResponse", statusCode, std::numeric_limits::max()); PacketBuffer vect(body.begin(), body.end()); dq.du->setHTTPResponse(statusCode, std::move(vect), contentType ? *contentType : ""); }); #endif /* HAVE_DNS_OVER_HTTPS */ - luaCtx.registerFunction("setNegativeAndAdditionalSOA", [](DNSQuestion& dq, bool nxd, const std::string& zone, uint32_t ttl, const std::string& mname, const std::string& rname, uint32_t serial, uint32_t refresh, uint32_t retry, uint32_t expire, uint32_t minimum) { + luaCtx.registerFunction("setNegativeAndAdditionalSOA", [](DNSQuestion& dq, bool nxd, const std::string& zone, uint64_t ttl, const std::string& mname, const std::string& rname, uint64_t serial, uint64_t refresh, uint64_t retry, uint64_t expire, uint64_t minimum) { + checkParameterBound("setNegativeAndAdditionalSOA", ttl, std::numeric_limits::max()); + checkParameterBound("setNegativeAndAdditionalSOA", serial, std::numeric_limits::max()); + checkParameterBound("setNegativeAndAdditionalSOA", refresh, std::numeric_limits::max()); + checkParameterBound("setNegativeAndAdditionalSOA", retry, std::numeric_limits::max()); + checkParameterBound("setNegativeAndAdditionalSOA", expire, std::numeric_limits::max()); + checkParameterBound("setNegativeAndAdditionalSOA", minimum, std::numeric_limits::max()); return setNegativeAndAdditionalSOA(dq, nxd, DNSName(zone), ttl, DNSName(mname), DNSName(rname), serial, refresh, retry, expire, minimum); }); } diff --git a/pdns/dnsdist-lua-bindings.cc b/pdns/dnsdist-lua-bindings.cc index 5e51e19264..265f712aad 100644 --- a/pdns/dnsdist-lua-bindings.cc +++ b/pdns/dnsdist-lua-bindings.cc @@ -594,7 +594,8 @@ void setupLuaBindings(LuaContext& luaCtx, bool client) return values; }); - luaCtx.writeFunction("newDOHResponseMapEntry", [](const std::string& regex, uint16_t status, const std::string& content, boost::optional> customHeaders) { + luaCtx.writeFunction("newDOHResponseMapEntry", [](const std::string& regex, uint64_t status, const std::string& content, boost::optional> customHeaders) { + checkParameterBound("newDOHResponseMapEntry", status, std::numeric_limits::max()); boost::optional>> headers{boost::none}; if (customHeaders) { headers = std::vector>(); @@ -605,8 +606,9 @@ void setupLuaBindings(LuaContext& luaCtx, bool client) return std::make_shared(regex, status, PacketBuffer(content.begin(), content.end()), headers); }); - luaCtx.writeFunction("newSVCRecordParameters", [](uint16_t priority, const std::string& target, boost::optional additionalParameters) + luaCtx.writeFunction("newSVCRecordParameters", [](uint64_t priority, const std::string& target, boost::optional additionalParameters) { + checkParameterBound("newSVCRecordParameters", priority, std::numeric_limits::max()); SVCRecordParameters parameters; if (additionalParameters) { parameters = parseSVCParameters(*additionalParameters); diff --git a/pdns/dnsdist-lua-rules.cc b/pdns/dnsdist-lua-rules.cc index 19eec4ca66..bc17df30e7 100644 --- a/pdns/dnsdist-lua-rules.cc +++ b/pdns/dnsdist-lua-rules.cc @@ -75,10 +75,10 @@ void parseRuleParams(boost::optional params, boost::uuids::uuid if (params) { if (params->count("uuid")) { - uuidStr = boost::get((*params)["uuid"]); + uuidStr = params->at("uuid"); } if (params->count("name")) { - name = boost::get((*params)["name"]); + name = params->at("name"); } } diff --git a/pdns/dnsdist-lua.cc b/pdns/dnsdist-lua.cc index e37b998c6b..f456822168 100644 --- a/pdns/dnsdist-lua.cc +++ b/pdns/dnsdist-lua.cc @@ -101,9 +101,9 @@ void resetLuaSideEffect() g_noLuaSideEffect = boost::logic::indeterminate; } -typedef std::unordered_map>, std::vector>, std::map>> localbind_t; +typedef std::unordered_map>, std::vector>, std::vector>>> localbind_t; -static void parseLocalBindVars(boost::optional vars, bool& reusePort, int& tcpFastOpenQueueSize, std::string& interface, std::set& cpus, int& tcpListenQueueSize, size_t& maxInFlightQueriesPerConnection, size_t& tcpMaxConcurrentConnections) +static void parseLocalBindVars(boost::optional vars, bool& reusePort, int& tcpFastOpenQueueSize, std::string& interface, std::set& cpus, int& tcpListenQueueSize, uint64_t& maxInFlightQueriesPerConnection, uint64_t& tcpMaxConcurrentConnections) { if (vars) { if (vars->count("reusePort")) { @@ -257,7 +257,7 @@ static void parseTLSConfig(TLSConfig& config, const std::string& context, boost: #endif // defined(HAVE_DNS_OVER_TLS) || defined(HAVE_DNS_OVER_HTTPS) -static void checkParameterBound(const std::string& parameter, uint64_t value, size_t max = std::numeric_limits::max()) +void checkParameterBound(const std::string& parameter, uint64_t value, size_t max) { if (value > max) { throw std::runtime_error("The value (" + std::to_string(value) + ") passed to " + parameter + " is too large, the maximum is " + std::to_string(max)); @@ -920,7 +920,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) return *poolServers; }); - luaCtx.writeFunction("getServer", [client](boost::variant i) { + luaCtx.writeFunction("getServer", [client](boost::variant i) { if (client) { return std::make_shared(ComboAddress()); } @@ -933,7 +933,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) } } } - else if (auto pos = boost::get(&i)) { + else if (auto pos = boost::get(&i)) { return states.at(*pos); } @@ -942,19 +942,19 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) }); #ifndef DISABLE_CARBON - luaCtx.writeFunction("carbonServer", [](const std::string& address, boost::optional ourName, boost::optional interval, boost::optional namespace_name, boost::optional instance_name) { + luaCtx.writeFunction("carbonServer", [](const std::string& address, boost::optional ourName, boost::optional interval, boost::optional namespace_name, boost::optional instance_name) { setLuaSideEffect(); auto ours = g_carbon.getCopy(); ours.push_back({ComboAddress(address, 2003), (namespace_name && !namespace_name->empty()) ? *namespace_name : "dnsdist", ourName ? *ourName : "", (instance_name && !instance_name->empty()) ? *instance_name : "main", - interval ? *interval : 30}); + (interval && *interval < std::numeric_limits::max()) ? static_cast(*interval) : 30}); g_carbon.setState(ours); }); #endif /* DISABLE_CARBON */ - luaCtx.writeFunction("webserver", [client, configCheck](const std::string& address, boost::optional password, boost::optional apiKey, const boost::optional> customHeaders, const boost::optional acl) { + luaCtx.writeFunction("webserver", [client, configCheck](const std::string& address, boost::optional password, boost::optional apiKey, const boost::optional> customHeaders, const boost::optional acl) { setLuaSideEffect(); ComboAddress local; try { @@ -1015,7 +1015,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) } }); - typedef std::unordered_map>> webserveropts_t; + typedef std::unordered_map>> webserveropts_t; luaCtx.writeFunction("setWebserverConfig", [](boost::optional vars) { setLuaSideEffect(); @@ -1056,7 +1056,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) } if (vars->count("customHeaders")) { - const boost::optional> headers = boost::get>(vars->at("customHeaders")); + const auto headers = boost::get>(vars->at("customHeaders")); setWebserverCustomHeaders(headers); } @@ -1162,7 +1162,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) } }); - luaCtx.writeFunction("setConsoleMaximumConcurrentConnections", [](size_t max) { + luaCtx.writeFunction("setConsoleMaximumConcurrentConnections", [](uint64_t max) { setLuaSideEffect(); setConsoleMaximumConcurrentConnections(max); }); @@ -1179,7 +1179,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) g_outputBuffer = (fmt % size).str(); }); - luaCtx.writeFunction("getQueryCounters", [](boost::optional optMax) { + luaCtx.writeFunction("getQueryCounters", [](boost::optional optMax) { setLuaNoSideEffect(); auto records = g_qcount.records.read_lock(); g_outputBuffer = "query counting is currently: "; @@ -1187,8 +1187,8 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) g_outputBuffer += (boost::format(" (%d records in buffer)\n") % records->size()).str(); boost::format fmt("%-3d %s: %d request(s)\n"); - unsigned int max = optMax ? *optMax : 10; - unsigned int index{1}; + uint64_t max = optMax ? *optMax : 10U; + uint64_t index{1}; for (auto it = records->begin(); it != records->end() && index <= max; ++it, ++index) { g_outputBuffer += (fmt % index % it->first % it->second).str(); } @@ -1302,7 +1302,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) } }); - luaCtx.writeFunction("setMaxTCPQueriesPerConnection", [](size_t max) { + luaCtx.writeFunction("setMaxTCPQueriesPerConnection", [](uint64_t max) { if (!g_configurationDone) { g_maxTCPQueriesPerConn = max; } @@ -1311,7 +1311,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) } }); - luaCtx.writeFunction("setMaxTCPConnectionsPerClient", [](size_t max) { + luaCtx.writeFunction("setMaxTCPConnectionsPerClient", [](uint64_t max) { if (!g_configurationDone) { g_maxTCPConnectionsPerClient = max; } @@ -1320,7 +1320,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) } }); - luaCtx.writeFunction("setMaxTCPConnectionDuration", [](size_t max) { + luaCtx.writeFunction("setMaxTCPConnectionDuration", [](uint64_t max) { if (!g_configurationDone) { g_maxTCPConnectionDuration = max; } @@ -1329,11 +1329,11 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) } }); - luaCtx.writeFunction("setMaxCachedTCPConnectionsPerDownstream", [](size_t max) { + luaCtx.writeFunction("setMaxCachedTCPConnectionsPerDownstream", [](uint64_t max) { DownstreamTCPConnectionsManager::setMaxIdleConnectionsPerDownstream(max); }); - luaCtx.writeFunction("setMaxIdleDoHConnectionsPerDownstream", [](size_t max) { + luaCtx.writeFunction("setMaxIdleDoHConnectionsPerDownstream", [](uint64_t max) { setDoHDownstreamMaxIdleConnectionsPerBackend(max); }); @@ -1380,11 +1380,17 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) g_cacheCleaningDelay = delay; }); - luaCtx.writeFunction("setCacheCleaningPercentage", [](uint16_t percentage) { if (percentage < 100) g_cacheCleaningPercentage = percentage; else g_cacheCleaningPercentage = 100; }); + luaCtx.writeFunction("setCacheCleaningPercentage", [](uint64_t percentage) { if (percentage < 100) g_cacheCleaningPercentage = percentage; else g_cacheCleaningPercentage = 100; }); - luaCtx.writeFunction("setECSSourcePrefixV4", [](uint16_t prefix) { g_ECSSourcePrefixV4 = prefix; }); + luaCtx.writeFunction("setECSSourcePrefixV4", [](uint64_t prefix) { + checkParameterBound("setECSSourcePrefixV4", prefix, std::numeric_limits::max()); + g_ECSSourcePrefixV4 = prefix; + }); - luaCtx.writeFunction("setECSSourcePrefixV6", [](uint16_t prefix) { g_ECSSourcePrefixV6 = prefix; }); + luaCtx.writeFunction("setECSSourcePrefixV6", [](uint64_t prefix) { + checkParameterBound("setECSSourcePrefixV6", prefix, std::numeric_limits::max()); + g_ECSSourcePrefixV6 = prefix; + }); luaCtx.writeFunction("setECSOverride", [](bool override) { g_ECSOverride = override; }); @@ -1465,7 +1471,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) }); luaCtx.writeFunction("addDynBlockSMT", - [](const vector>& names, const std::string& msg, boost::optional seconds, boost::optional action) { + [](const vector>& names, const std::string& msg, boost::optional seconds, boost::optional action) { if (names.empty()) { return; } @@ -1516,7 +1522,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) } }); - luaCtx.writeFunction("setDynBlocksPurgeInterval", [](unsigned int interval) { + luaCtx.writeFunction("setDynBlocksPurgeInterval", [](uint64_t interval) { DynBlockMaintenance::s_expiredDynBlocksPurgeInterval = interval; }); @@ -1620,7 +1626,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) #endif }); - luaCtx.writeFunction("getDNSCryptBind", [](size_t idx) { + luaCtx.writeFunction("getDNSCryptBind", [](uint64_t idx) { setLuaNoSideEffect(); #ifdef HAVE_DNSCRYPT std::shared_ptr ret = nullptr; @@ -1716,7 +1722,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) } }); - luaCtx.writeFunction("getBind", [](size_t num) { + luaCtx.writeFunction("getBind", [](uint64_t num) { setLuaNoSideEffect(); ClientState* ret = nullptr; if (num < g_frontends.size()) { @@ -1942,7 +1948,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) } }); - luaCtx.writeFunction("setRingBuffersSize", [client](size_t capacity, boost::optional numberOfShards) { + luaCtx.writeFunction("setRingBuffersSize", [client](uint64_t capacity, boost::optional numberOfShards) { setLuaSideEffect(); if (g_configurationDone) { errlog("setRingBuffersSize() cannot be used at runtime!"); @@ -1957,7 +1963,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) } }); - luaCtx.writeFunction("setRingBuffersLockRetries", [](size_t retries) { + luaCtx.writeFunction("setRingBuffersLockRetries", [](uint64_t retries) { setLuaSideEffect(); g_rings.setNumberOfLockRetries(retries); }); @@ -1968,7 +1974,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) g_hashperturb = perturb; }); - luaCtx.writeFunction("setTCPInternalPipeBufferSize", [](size_t size) { g_tcpInternalPipeBufferSize = size; }); + luaCtx.writeFunction("setTCPInternalPipeBufferSize", [](uint64_t size) { g_tcpInternalPipeBufferSize = size; }); luaCtx.writeFunction("snmpAgent", [client, configCheck](bool enableTraps, boost::optional daemonSocket) { if (client || configCheck) @@ -2130,7 +2136,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) g_applyACLToProxiedClients = apply; }); - luaCtx.writeFunction("setProxyProtocolMaximumPayloadSize", [](size_t size) { + luaCtx.writeFunction("setProxyProtocolMaximumPayloadSize", [](uint64_t size) { if (g_configurationDone) { errlog("setProxyProtocolMaximumPayloadSize() cannot be used at runtime!"); g_outputBuffer = "setProxyProtocolMaximumPayloadSize() cannot be used at runtime!\n"; @@ -2140,7 +2146,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) g_proxyProtocolMaximumSize = std::max(static_cast(16), size); }); - luaCtx.writeFunction("setUDPMultipleMessagesVectorSize", [](size_t vSize) { + luaCtx.writeFunction("setUDPMultipleMessagesVectorSize", [](uint64_t vSize) { if (g_configurationDone) { errlog("setUDPMultipleMessagesVectorSize() cannot be used at runtime!"); g_outputBuffer = "setUDPMultipleMessagesVectorSize() cannot be used at runtime!\n"; @@ -2159,7 +2165,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) g_addEDNSToSelfGeneratedResponses = add; }); - luaCtx.writeFunction("setPayloadSizeOnSelfGeneratedAnswers", [](uint16_t payloadSize) { + luaCtx.writeFunction("setPayloadSizeOnSelfGeneratedAnswers", [](uint64_t payloadSize) { if (payloadSize < 512) { warnlog("setPayloadSizeOnSelfGeneratedAnswers() is set too low, using 512 instead!"); g_outputBuffer = "setPayloadSizeOnSelfGeneratedAnswers() is set too low, using 512 instead!"; @@ -2336,7 +2342,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) } if (vars->count("customResponseHeaders")) { - for (auto const& headerMap : boost::get>((*vars).at("customResponseHeaders"))) { + for (auto const& headerMap : boost::get>>((*vars).at("customResponseHeaders"))) { frontend->d_customResponseHeaders.emplace_back(boost::to_lower_copy(headerMap.first), headerMap.second); } } @@ -2431,7 +2437,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) #endif }); - luaCtx.writeFunction("getDOHFrontend", [client](size_t index) { + luaCtx.writeFunction("getDOHFrontend", [client](uint64_t index) { std::shared_ptr result = nullptr; if (client) { return result; @@ -2490,7 +2496,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) } }); - luaCtx.registerFunction::*)(const std::map>&)>("setResponsesMap", [](std::shared_ptr frontend, const std::map>& map) { + luaCtx.registerFunction::*)(const std::vector>>&)>("setResponsesMap", [](std::shared_ptr frontend, const std::vector>>& map) { if (frontend != nullptr) { auto newMap = std::make_shared>>(); newMap->reserve(map.size()); @@ -2598,7 +2604,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) #endif }); - luaCtx.writeFunction("getTLSContext", [](size_t index) { + luaCtx.writeFunction("getTLSContext", [](uint64_t index) { std::shared_ptr result = nullptr; #ifdef HAVE_DNS_OVER_TLS setLuaNoSideEffect(); @@ -2621,7 +2627,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) return result; }); - luaCtx.writeFunction("getTLSFrontend", [](size_t index) { + luaCtx.writeFunction("getTLSFrontend", [](uint64_t index) { std::shared_ptr result = nullptr; #ifdef HAVE_DNS_OVER_TLS setLuaNoSideEffect(); @@ -2737,7 +2743,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) }); #endif /* HAVE_LIBSSL && HAVE_OCSP_BASIC_SIGN*/ - luaCtx.writeFunction("addCapabilitiesToRetain", [](boost::variant> caps) { + luaCtx.writeFunction("addCapabilitiesToRetain", [](boost::variant>> caps) { setLuaSideEffect(); if (g_configurationDone) { g_outputBuffer = "addCapabilitiesToRetain cannot be used at runtime!\n"; @@ -2746,8 +2752,8 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck) if (caps.type() == typeid(std::string)) { g_capabilitiesToRetain.insert(boost::get(caps)); } - else if (caps.type() == typeid(std::map)) { - for (const auto& cap : boost::get>(caps)) { + else if (caps.type() == typeid(std::vector>)) { + for (const auto& cap : boost::get>>(caps)) { g_capabilitiesToRetain.insert(cap.second); } } diff --git a/pdns/dnsdist-lua.hh b/pdns/dnsdist-lua.hh index 9611963c06..32eefa5bcc 100644 --- a/pdns/dnsdist-lua.hh +++ b/pdns/dnsdist-lua.hh @@ -131,8 +131,9 @@ private: typedef boost::variant>, std::shared_ptr, DNSName, vector > > luadnsrule_t; std::shared_ptr makeRule(const luadnsrule_t& var); -typedef std::unordered_map > luaruleparams_t; +typedef std::unordered_map luaruleparams_t; void parseRuleParams(boost::optional params, boost::uuids::uuid& uuid, std::string& name, uint64_t& creationOrder); +void checkParameterBound(const std::string& parameter, uint64_t value, size_t max = std::numeric_limits::max()); typedef NetmaskTree nmts_t; diff --git a/pdns/dnsdist-web.cc b/pdns/dnsdist-web.cc index 52972c20e8..81e6af1808 100644 --- a/pdns/dnsdist-web.cc +++ b/pdns/dnsdist-web.cc @@ -52,7 +52,7 @@ struct WebserverConfig NetmaskGroup acl; std::unique_ptr password; std::unique_ptr apiKey; - boost::optional > customHeaders; + boost::optional > customHeaders; bool statsRequireAuthentication{true}; }; @@ -354,7 +354,7 @@ static void handleCORS(const YaHTTP::Request& req, YaHTTP::Response& resp) } } -static void addSecurityHeaders(YaHTTP::Response& resp, const boost::optional >& customHeaders) +static void addSecurityHeaders(YaHTTP::Response& resp, const boost::optional >& customHeaders) { static const std::vector > headers = { { "X-Content-Type-Options", "nosniff" }, @@ -375,7 +375,7 @@ static void addSecurityHeaders(YaHTTP::Response& resp, const boost::optional >& customHeaders) +static void addCustomHeaders(YaHTTP::Response& resp, const boost::optional >& customHeaders) { if (!customHeaders) return; @@ -1537,7 +1537,7 @@ void setWebserverACL(const std::string& acl) g_webserverConfig.lock()->acl = std::move(newACL); } -void setWebserverCustomHeaders(const boost::optional > customHeaders) +void setWebserverCustomHeaders(const boost::optional > customHeaders) { g_webserverConfig.lock()->customHeaders = customHeaders; } diff --git a/pdns/dnsdistdist/dnsdist-web.hh b/pdns/dnsdistdist/dnsdist-web.hh index c119eee11d..e021e5866c 100644 --- a/pdns/dnsdistdist/dnsdist-web.hh +++ b/pdns/dnsdistdist/dnsdist-web.hh @@ -5,7 +5,7 @@ void setWebserverAPIKey(std::unique_ptr&& apiKey); void setWebserverPassword(std::unique_ptr&& password); void setWebserverACL(const std::string& acl); -void setWebserverCustomHeaders(const boost::optional > customHeaders); +void setWebserverCustomHeaders(const boost::optional > customHeaders); void setWebserverStatsRequireAuthentication(bool); void setWebserverMaxConcurrentConnections(size_t); diff --git a/pdns/dnsdistdist/test-dnsdistrules_cc.cc b/pdns/dnsdistdist/test-dnsdistrules_cc.cc index b44374fefa..c075c86dae 100644 --- a/pdns/dnsdistdist/test-dnsdistrules_cc.cc +++ b/pdns/dnsdistdist/test-dnsdistrules_cc.cc @@ -7,6 +7,14 @@ #include "dnsdist-rules.hh" +void checkParameterBound(const std::string& parameter, uint64_t value, size_t max); +void checkParameterBound(const std::string& parameter, uint64_t value, size_t max) +{ + if (value > std::numeric_limits::max()) { + throw std::runtime_error("The value passed to " + parameter + " is too large, the maximum is " + std::to_string(max)); + } +} + static DNSQuestion getDQ(const DNSName* providedName = nullptr) { static const DNSName qname("powerdns.com."); -- 2.47.2