Group :: System/Servers
RPM: dnsmasq
Navigation
Main Changelog Spec Patches Sources Download Gear Bugs and FR Repocop
Patch: Fix-possible-SEGV-when-no-servers-defined.patch
Download
Download
From f5ef0f064c3f06b250a9eeda36dc239227658b00 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Mon, 6 Mar 2023 23:00:58 +0000
Subject: [PATCH] Fix possible SEGV when no servers defined.
If there exists a --address=/<domain>/ or --server=/<domain>/#
configuration but no upstream server config unqualified by
domain then when a query which doesnt match the domain is
recieved it will use the qualfied server config and in the process
possibly make an out-of-bounds memory access.
Thanks to Daniel Danzberger for spotting the bug.
---
CHANGELOG | 11 +++++++++++
src/domain-match.c | 5 +++--
2 files changed, 14 insertions(+), 2 deletions(-)
diff --git a/src/domain-match.c b/src/domain-match.c
index fe8e25a..9cc51e6 100644
--- a/src/domain-match.c
+++ b/src/domain-match.c
@@ -253,9 +253,10 @@ int lookup_domain(char *domain, int flags, int *lowout, int *highout)
if (highout)
*highout = nhigh;
- if (nlow == nhigh)
+ /* qlen == -1 when we failed to match even an empty query, if there are no default servers. */
+ if (nlow == nhigh || qlen == -1)
return 0;
-
+
return 1;
}
--
2.33.7