From fdfda2cc394e49c83b36536e14c91f165fef5a5d Mon Sep 17 00:00:00 2001 From: Remi Gacogne Date: Wed, 30 Apr 2025 16:51:04 +0200 Subject: [PATCH] dnsdist: Fix memory corruption when using `getAddressInfo` The object holding the callback function, which is translated into a `LuaContext::LuaFunctionCaller`, needs to be destroyed while holding the Lua mutex because it will unregister itself from the Lua context, causing a corruption if a different thread is accessing the Lua context at the same time. --- pdns/dnsdistdist/dnsdist-lua-bindings.cc | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/pdns/dnsdistdist/dnsdist-lua-bindings.cc b/pdns/dnsdistdist/dnsdist-lua-bindings.cc index a0e4ed0d66..abc80f7d1b 100644 --- a/pdns/dnsdistdist/dnsdist-lua-bindings.cc +++ b/pdns/dnsdistdist/dnsdist-lua-bindings.cc @@ -869,7 +869,7 @@ void setupLuaBindings(LuaContext& luaCtx, bool client, bool configCheck) if (client || configCheck) { return; } - std::thread newThread(dnsdist::resolver::asynchronousResolver, std::move(hostname), [callback = std::move(callback)](const std::string& resolvedHostname, std::vector& ips) { + std::thread newThread(dnsdist::resolver::asynchronousResolver, std::move(hostname), [callback = std::move(callback)](const std::string& resolvedHostname, std::vector& ips) mutable { LuaArray result; result.reserve(ips.size()); for (const auto& entry : ips) { @@ -877,7 +877,15 @@ void setupLuaBindings(LuaContext& luaCtx, bool client, bool configCheck) } { auto lua = g_lua.lock(); - callback(resolvedHostname, result); + try { + callback(resolvedHostname, result); + } + catch (const std::exception& exp) { + vinfolog("Error during execution of getAddressInfo callback: %s", exp.what()); + } + // this _needs_ to be done while we are holding the lock, + // otherwise the destructor will corrupt the stack + callback = nullptr; dnsdist::handleQueuedAsynchronousEvents(); } }); -- 2.47.2