From fc224cf0b64f025fd9ee18ab1fa0c7a0ad5f01af Mon Sep 17 00:00:00 2001 From: Kees Monshouwer Date: Wed, 26 May 2021 20:41:08 +0200 Subject: [PATCH] auth: fix possibe crash in getAllDomains() --- modules/tinydnsbackend/tinydnsbackend.cc | 9 ++++++++- modules/tinydnsbackend/tinydnsbackend.hh | 1 + 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/modules/tinydnsbackend/tinydnsbackend.cc b/modules/tinydnsbackend/tinydnsbackend.cc index 96b076cf7e..0dbcf85d16 100644 --- a/modules/tinydnsbackend/tinydnsbackend.cc +++ b/modules/tinydnsbackend/tinydnsbackend.cc @@ -156,6 +156,7 @@ void TinyDNSBackend::setNotified(uint32_t id, uint32_t serial) void TinyDNSBackend::getAllDomains(vector* domains, bool include_disabled) { d_isAxfr = true; + d_isGetDomains = true; d_dnspacket = NULL; try { @@ -191,6 +192,7 @@ void TinyDNSBackend::getAllDomains(vector* domains, bool include_dis bool TinyDNSBackend::list(const DNSName& target, int domain_id, bool include_disabled) { d_isAxfr = true; + d_isGetDomains = false; string key = target.toDNSStringLC(); try { d_cdbReader = std::unique_ptr(new CDB(getArg("dbfile"))); @@ -206,6 +208,7 @@ bool TinyDNSBackend::list(const DNSName& target, int domain_id, bool include_dis void TinyDNSBackend::lookup(const QType& qtype, const DNSName& qdomain, int zoneId, DNSPacket* pkt_p) { d_isAxfr = false; + d_isGetDomains = false; string queryDomain = toLowerCanonic(qdomain.toString()); string key = simpleCompress(queryDomain); @@ -262,6 +265,10 @@ bool TinyDNSBackend::get(DNSResourceRecord& rr) PacketReader pr(val, 0); rr.qtype = QType(pr.get16BitInt()); + if (d_isGetDomains && rr.qtype != QType::SOA) { + continue; + } + if (d_isAxfr || d_qtype.getCode() == QType::ANY || rr.qtype == d_qtype) { char locwild = pr.get8BitInt(); if (locwild != '\075' && (locwild == '\076' || locwild == '\053')) { @@ -333,7 +340,7 @@ bool TinyDNSBackend::get(DNSResourceRecord& rr) } catch (...) { g_log << Logger::Error << backendname << "Failed to parse record content for " << rr.qname << " with type " << rr.qtype.toString(); - if (d_ignorebogus) { + if (d_ignorebogus || d_isGetDomains) { g_log << ". Ignoring!" << endl; continue; } diff --git a/modules/tinydnsbackend/tinydnsbackend.hh b/modules/tinydnsbackend/tinydnsbackend.hh index a058af7a41..efcb2436a4 100644 --- a/modules/tinydnsbackend/tinydnsbackend.hh +++ b/modules/tinydnsbackend/tinydnsbackend.hh @@ -104,6 +104,7 @@ private: DNSPacket* d_dnspacket; // used for location and edns-client support. bool d_isWildcardQuery; // Indicate if the query received was a wildcard query. bool d_isAxfr; // Indicate if we received a list() and not a lookup(). + bool d_isGetDomains{false}; bool d_locations; bool d_ignorebogus; string d_suffix; -- 2.47.2