upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-04-22 06:37:42 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix nsupdate hang when processing a large update

Browse source 
The root cause is the fix for CVE-2024-0760 (part 3), which resets
the TCP connection on a failed send. Specifically commit
4b7c61381f stops reading on the socket
because the TCP connection is throttling.

When the tcpdns_send_cb callback thinks about restarting reading
on the socket, this fails because the socket is a client socket.
And nsupdate is a client and is using the same netmgr code.

This commit removes the requirement that the socket must be a server
socket, allowing reading on the socket again after being throttled.

(cherry picked from commit aa24b77d8b)
This commit is contained in:
Matthijs Mekking 2024-11-01 13:25:26 +01:00
parent cc004b2b8f
commit a7b291adc7
1 changed files with 10 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
lib/isc/netmgr/tcp.c
View file

@ -1167,12 +1167,16 @@ tcp_send_direct(isc_nmsocket_t *sock, isc__nm_uvreq_t *req) {
}
}
isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL, ISC_LOGMODULE_NETMGR,
ISC_LOG_DEBUG(3),
"throttling TCP connection, the other side is not "
"reading the data, switching to uv_write()");
sock->reading_throttled = true;
isc__nm_stop_reading(sock);
if (!sock->client && sock->reading) {
sock->reading_throttled = true;
isc__nm_stop_reading(sock);
}
isc__nmsocket_log(sock, ISC_LOG_DEBUG(3),
"%sthe other side is not "
"reading the data, switching to uv_write()",
!sock->client && sock->reading
? "throttling TCP connection, "
: "");
r = uv_write(&req->uv_req.write, &sock->uv_handle.stream, bufs, nbufs,
tcp_send_cb);