From f6658b333e44982d8272799e1577b6872909537f Mon Sep 17 00:00:00 2001 From: Aram Sargsyan Date: Tue, 9 Jan 2024 11:35:11 +0000 Subject: [PATCH 1/3] Fix a possible dig/host crash in "NS search" mode When getting a SERVFAIL reply from a query, 'host' tries to start the next query in the lookup's list (also true for 'dig +nofail'). However, when running with the '-C' switch (or +nssearch for 'dig'), all the queries in the lookup start from the beginning, so that logic brings to a crash because of the attempted start of the query which was already started. Don't start the next query in the affected code path when in +nssearch mode. --- bin/dig/dighost.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c index 6f06f62389..362eb3d33a 100644 --- a/bin/dig/dighost.c +++ b/bin/dig/dighost.c @@ -4358,7 +4358,7 @@ recv_done(isc_nmhandle_t *handle, isc_result_t eresult, isc_region_t *region, if (l->current_query == query) { query_detach(&l->current_query); } - if (next != NULL) { + if (next != NULL && (!l->ns_search_only || l->trace_root)) { debug("sending query %p", next); if (l->tcp_mode) { start_tcp(next); From 913b20abf816b1a2d8581fab7f780f5addf3b5e0 Mon Sep 17 00:00:00 2001 From: Aram Sargsyan Date: Tue, 9 Jan 2024 11:51:34 +0000 Subject: [PATCH 2/3] Print a dig comment about the failed query consistently Dig failed to print a comment about the reason of the unacceptable query reply got from a server when there was no other query to start in the lookup's chain. Add an "else" block to print out the comment even when not starting up the next query. --- bin/dig/dighost.c | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c index 362eb3d33a..b9ceaa22dd 100644 --- a/bin/dig/dighost.c +++ b/bin/dig/dighost.c @@ -4354,29 +4354,32 @@ recv_done(isc_nmhandle_t *handle, isc_result_t eresult, isc_region_t *region, if ((msg->rcode == dns_rcode_servfail && !l->servfail_stops) || (check_ra && (msg->flags & DNS_MESSAGEFLAG_RA) == 0 && l->recurse)) { + const char *err = (msg->rcode == dns_rcode_servfail && + !l->servfail_stops) + ? "SERVFAIL reply" + : "recursion not available"; dig_query_t *next = ISC_LIST_NEXT(query, link); if (l->current_query == query) { query_detach(&l->current_query); } if (next != NULL && (!l->ns_search_only || l->trace_root)) { + dighost_comments(l, + "Got %s from %s, trying next server", + err, query->servname); debug("sending query %p", next); if (l->tcp_mode) { start_tcp(next); } else { start_udp(next); } - dighost_comments(l, - "Got %s from %s, trying next " - "server", - msg->rcode == dns_rcode_servfail - ? "SERVFAIL reply" - : "recursion not available", - query->servname); if (check_if_queries_done(l, query)) { goto cancel_lookup; } goto detach_query; + } else { + dighost_comments(l, "Got %s from %s", err, + query->servname); } } From 1246d982a275fdc367319886ba9cc514c83153dc Mon Sep 17 00:00:00 2001 From: Aram Sargsyan Date: Tue, 9 Jan 2024 12:01:14 +0000 Subject: [PATCH 3/3] Add a CHANGES note for [GL #4508] --- CHANGES | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGES b/CHANGES index be62c90fd0..c428ab1b5b 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,7 @@ +6320. [bug] Fix a possible crash in 'dig +nssearch +nofail' and + 'host -C' commands when one of the name servers returns + SERVFAIL. [GL #4508] + 6319. [placeholder] 6318. [placeholder]