From 080582dc4739cabf0170b54e9a453785d577e364 Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Mon, 8 Aug 2016 10:22:51 +1000 Subject: [PATCH] 4430. [bug] Lwresd died if a search list was not defined. Found by 0x710DDDD At Alibaba Security. [RT #42895] (cherry picked from commit 3146be6fd61f5e8901dd18e87718b887f5529e65) --- CHANGES | 3 ++ bin/named/lwsearch.c | 1 - bin/tests/system/lwresd/clean.sh | 1 + bin/tests/system/lwresd/lwresd1/nosearch.conf | 24 ++++++++++++++ bin/tests/system/lwresd/lwtest.c | 33 +++++++++++++++---- bin/tests/system/lwresd/tests.sh | 19 +++++++++++ 6 files changed, 73 insertions(+), 8 deletions(-) create mode 100644 bin/tests/system/lwresd/lwresd1/nosearch.conf diff --git a/CHANGES b/CHANGES index 1a5018a2f4..7f79148a81 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,6 @@ +4430. [bug] Lwresd died if a search list was not defined. + Found by 0x710DDDD At Alibaba Security. [RT #42895] + 4429. [bug] Address potential use after free on fclose() error. [RT #42976] diff --git a/bin/named/lwsearch.c b/bin/named/lwsearch.c index d84983c558..c9117a9662 100644 --- a/bin/named/lwsearch.c +++ b/bin/named/lwsearch.c @@ -155,7 +155,6 @@ ns_lwsearchctx_next(ns_lwsearchctx_t *sctx) { return (ISC_R_NOMORE); if (sctx->searchname == NULL) { - INSIST (!sctx->exactfirst || sctx->doneexact); if (sctx->exactfirst || sctx->doneexact) return (ISC_R_NOMORE); sctx->doneexact = ISC_TRUE; diff --git a/bin/tests/system/lwresd/clean.sh b/bin/tests/system/lwresd/clean.sh index 5daf9d3c99..af8c45bf72 100644 --- a/bin/tests/system/lwresd/clean.sh +++ b/bin/tests/system/lwresd/clean.sh @@ -13,6 +13,7 @@ rm -f */named.memstats rm -f */named.run rm -f dig.out rm -f lwresd1/lwresd.run.resolv +rm -f lwresd1/lwresd.run.lwresd rm -f ns*/named.lock rm -f lwresd*/lwresd.lock rm -f lwresd*/lwresd.run diff --git a/bin/tests/system/lwresd/lwresd1/nosearch.conf b/bin/tests/system/lwresd/lwresd1/nosearch.conf new file mode 100644 index 0000000000..d44cee2d23 --- /dev/null +++ b/bin/tests/system/lwresd/lwresd1/nosearch.conf @@ -0,0 +1,24 @@ +/* + * Copyright (C) 2000, 2001, 2004, 2007, 2016 Internet Systems Consortium, Inc. ("ISC") + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + */ + +/* $Id: lwresd.conf,v 1.8 2007/06/19 23:47:04 tbox Exp $ */ + +controls { /* empty */ }; + +options { + port 5300; + pid-file "lwresd.pid"; + forwarders {10.53.0.1;}; + forward only; +}; + +lwres { + listen-on {10.53.0.1 port 9210;}; + view "_default"; + ndots 1; +}; diff --git a/bin/tests/system/lwresd/lwtest.c b/bin/tests/system/lwresd/lwtest.c index 1d65841bde..402948b767 100644 --- a/bin/tests/system/lwresd/lwtest.c +++ b/bin/tests/system/lwresd/lwtest.c @@ -16,6 +16,7 @@ #include #include #include +#include #include #include @@ -631,12 +632,18 @@ test_getrrsetbyname(const char *name, int rdclass, int rdtype, } int -main(void) { +main(int argc, char **argv) { lwres_result_t ret; + int nosearch = 0; + + UNUSED(argc); lwres_udp_port = 9210; lwres_resolv_conf = "resolv.conf"; + if (argv[1] != NULL && strcmp(argv[1], "-nosearch") == 0) + nosearch = 1; + ret = lwres_context_create(&ctx, NULL, NULL, NULL, 0); CHECK(ret, "lwres_context_create"); @@ -655,10 +662,16 @@ main(void) { LWRES_ADDRTYPE_V4); test_gabn("a.example3", LWRES_R_NOTFOUND, NULL, LWRES_ADDRTYPE_V4); test_gabn("a.example3.", LWRES_R_NOTFOUND, NULL, LWRES_ADDRTYPE_V4); - test_gabn("a", LWRES_R_SUCCESS, "10.0.1.1", LWRES_ADDRTYPE_V4); + if (nosearch) + test_gabn("a", LWRES_R_NOTFOUND, NULL, LWRES_ADDRTYPE_V4); + else + test_gabn("a", LWRES_R_SUCCESS, "10.0.1.1", LWRES_ADDRTYPE_V4); test_gabn("a.", LWRES_R_NOTFOUND, NULL, LWRES_ADDRTYPE_V4); - test_gabn("a2", LWRES_R_SUCCESS, "10.0.1.1", LWRES_ADDRTYPE_V4); + if (nosearch) + test_gabn("a2", LWRES_R_NOTFOUND, NULL, LWRES_ADDRTYPE_V4); + else + test_gabn("a2", LWRES_R_SUCCESS, "10.0.1.1", LWRES_ADDRTYPE_V4); test_gabn("a3", LWRES_R_NOTFOUND, NULL, LWRES_ADDRTYPE_V4); test_gabn("b.example1", LWRES_R_SUCCESS, @@ -675,9 +688,12 @@ main(void) { LWRES_ADDRTYPE_V6); test_gabn("b.example3", LWRES_R_NOTFOUND, NULL, LWRES_ADDRTYPE_V6); test_gabn("b.example3.", LWRES_R_NOTFOUND, NULL, LWRES_ADDRTYPE_V6); - test_gabn("b", LWRES_R_SUCCESS, - "eeee:eeee:eeee:eeee:ffff:ffff:ffff:ffff", - LWRES_ADDRTYPE_V6); + if (nosearch) + test_gabn("b", LWRES_R_NOTFOUND, NULL, LWRES_ADDRTYPE_V6); + else + test_gabn("b", LWRES_R_SUCCESS, + "eeee:eeee:eeee:eeee:ffff:ffff:ffff:ffff", + LWRES_ADDRTYPE_V6); test_gabn("b.", LWRES_R_NOTFOUND, NULL, LWRES_ADDRTYPE_V6); test_gabn("d.example1", LWRES_R_NOTFOUND, NULL, LWRES_ADDRTYPE_V6); @@ -752,7 +768,10 @@ main(void) { test_getnameinfo("1122:3344:5566:7788:99aa:bbcc:ddee:ff00", AF_INET6, "dname.example1"); - test_getrrsetbyname("a", 1, 1, 1, 0, 1); + if (nosearch) + test_getrrsetbyname("a", 1, 1, 0, 0, 0); + else + test_getrrsetbyname("a", 1, 1, 1, 0, 1); test_getrrsetbyname("a.example1.", 1, 1, 1, 0, 1); test_getrrsetbyname("e.example1.", 1, 1, 1, 1, 1); test_getrrsetbyname("e.example1.", 1, 255, 1, 1, 0); diff --git a/bin/tests/system/lwresd/tests.sh b/bin/tests/system/lwresd/tests.sh index abeea5a06e..7f26469b54 100644 --- a/bin/tests/system/lwresd/tests.sh +++ b/bin/tests/system/lwresd/tests.sh @@ -61,5 +61,24 @@ if [ $ret != 0 ]; then fi status=`expr $status + $ret` +$PERL $SYSTEMTESTTOP/stop.pl . lwresd1 + +mv lwresd1/lwresd.run lwresd1/lwresd.run.lwresd + +$PERL $SYSTEMTESTTOP/start.pl . lwresd1 -- "-X lwresd.lock -m record,size,mctx -c nosearch.conf -d 99 -g" + +echo "I:using nosearch.conf" +ret=0 +for i in 0 1 2 3 4 5 6 7 8 9 +do + grep ' running$' lwresd1/lwresd.run > /dev/null && break + sleep 1 +done +./lwtest -nosearch || ret=1 +if [ $ret != 0 ]; then + echo "I:failed" +fi +status=`expr $status + $ret` + echo "I:exit status: $status" [ $status -eq 0 ] || exit 1