upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-20 23:00:56 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

- Fix chroot auth-zone fix to remove chroot prefix.

Browse source 
git-svn-id: file:///svn/unbound/trunk@4992 be551aaa-1e26-0410-a405-d3ace91eadb9
This commit is contained in:
Wouter Wijngaards 2018-11-29 08:27:47 +00:00
parent fb342b73d3
commit 63dcbe3d75
2 changed files with 16 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
doc/Changelog
View file

@ -1,5 +1,6 @@
29 November 2018: Wouter 29 November 2018: Wouter
- iana portlist updated. - iana portlist updated.
- Fix chroot auth-zone fix to remove chroot prefix.
28 November 2018: Wouter 28 November 2018: Wouter
- Fix leak in chroot fix for auth-zone. - Fix leak in chroot fix for auth-zone.

26
services/authzone.c
View file

@ -1483,7 +1483,11 @@ az_parse_file(struct auth_zone* z, FILE* in, uint8_t* rr, size_t rrbuflen,
while(*incfile == ' ' || *incfile == '\t') while(*incfile == ' ' || *incfile == '\t')
incfile++; incfile++;
/* adjust for chroot on include file */ /* adjust for chroot on include file */
incfile = fname_after_chroot(incfile, cfg, 1); if(cfg->chrootdir && cfg->chrootdir[0] &&
strncmp(incfile, cfg->chrootdir,
strlen(cfg->chrootdir)) == 0)
incfile += strlen(cfg->chrootdir);
incfile = strdup(incfile);
if(!incfile) { if(!incfile) {
log_err("malloc failure"); log_err("malloc failure");
return 0; return 0;
@ -1549,7 +1553,11 @@ auth_zone_read_zonefile(struct auth_zone* z, struct config_file* cfg)
FILE* in; FILE* in;
if(!z || !z->zonefile || z->zonefile[0]==0) if(!z || !z->zonefile || z->zonefile[0]==0)
return 1; /* no file, or "", nothing to read */ return 1; /* no file, or "", nothing to read */
zfilename = fname_after_chroot(z->zonefile, cfg, 1);
zfilename = z->zonefile;
if(cfg->chrootdir && cfg->chrootdir[0] && strncmp(zfilename,
cfg->chrootdir, strlen(cfg->chrootdir)) == 0)
zfilename += strlen(cfg->chrootdir);
if(verbosity >= VERB_ALGO) { if(verbosity >= VERB_ALGO) {
char nm[255+1]; char nm[255+1];
dname_str(z->name, nm); dname_str(z->name, nm);
@ -1563,13 +1571,11 @@ auth_zone_read_zonefile(struct auth_zone* z, struct config_file* cfg)
verbose(VERB_ALGO, "no zonefile %s for %s", verbose(VERB_ALGO, "no zonefile %s for %s",
zfilename, n?n:"error"); zfilename, n?n:"error");
free(n); free(n);
free(zfilename);
return 1; return 1;
} }
log_err("cannot open zonefile %s for %s: %s", log_err("cannot open zonefile %s for %s: %s",
zfilename, n?n:"error", strerror(errno)); zfilename, n?n:"error", strerror(errno));
free(n); free(n);
free(zfilename);
return 0; return 0;
} }
@ -1591,11 +1597,9 @@ auth_zone_read_zonefile(struct auth_zone* z, struct config_file* cfg)
log_err("error parsing zonefile %s for %s", log_err("error parsing zonefile %s for %s",
zfilename, n?n:"error"); zfilename, n?n:"error");
free(n); free(n);
free(zfilename);
fclose(in); fclose(in);
return 0; return 0;
} }
free(zfilename);
fclose(in); fclose(in);
return 1; return 1;
} }
@ -4800,6 +4804,7 @@ auth_zone_write_chunks(struct auth_xfer* xfr, const char* fname)
static void static void
xfr_write_after_update(struct auth_xfer* xfr, struct module_env* env) xfr_write_after_update(struct auth_xfer* xfr, struct module_env* env)
{ {
struct config_file* cfg = env->cfg;
struct auth_zone* z; struct auth_zone* z;
char tmpfile[1024]; char tmpfile[1024];
char* zfilename; char* zfilename;
@ -4825,14 +4830,16 @@ xfr_write_after_update(struct auth_xfer* xfr, struct module_env* env)
/* no write needed, no zonefile set */ /* no write needed, no zonefile set */
return; return;
} }
zfilename = fname_after_chroot(z->zonefile, env->cfg, 1); zfilename = z->zonefile;
if(cfg->chrootdir && cfg->chrootdir[0] && strncmp(zfilename,
cfg->chrootdir, strlen(cfg->chrootdir)) == 0)
zfilename += strlen(cfg->chrootdir);
/* write to tempfile first */ /* write to tempfile first */
if((size_t)strlen(zfilename) + 16 > sizeof(tmpfile)) { if((size_t)strlen(zfilename) + 16 > sizeof(tmpfile)) {
verbose(VERB_ALGO, "tmpfilename too long, cannot update " verbose(VERB_ALGO, "tmpfilename too long, cannot update "
" zonefile %s", zfilename); " zonefile %s", zfilename);
lock_rw_unlock(&z->lock); lock_rw_unlock(&z->lock);
free(zfilename);
return; return;
} }
snprintf(tmpfile, sizeof(tmpfile), "%s.tmp%u", zfilename, snprintf(tmpfile, sizeof(tmpfile), "%s.tmp%u", zfilename,
@ -4846,7 +4853,6 @@ xfr_write_after_update(struct auth_xfer* xfr, struct module_env* env)
} else if(!auth_zone_write_file(z, tmpfile)) { } else if(!auth_zone_write_file(z, tmpfile)) {
unlink(tmpfile); unlink(tmpfile);
lock_rw_unlock(&z->lock); lock_rw_unlock(&z->lock);
free(zfilename);
return; return;
} }
if(rename(tmpfile, zfilename) < 0) { if(rename(tmpfile, zfilename) < 0) {
@ -4854,11 +4860,9 @@ xfr_write_after_update(struct auth_xfer* xfr, struct module_env* env)
strerror(errno)); strerror(errno));
unlink(tmpfile); unlink(tmpfile);
lock_rw_unlock(&z->lock); lock_rw_unlock(&z->lock);
free(zfilename);
return; return;
} }
lock_rw_unlock(&z->lock); lock_rw_unlock(&z->lock);
free(zfilename);
} }
/** process chunk list and update zone in memory, /** process chunk list and update zone in memory,