- Various fixes for #632: variable initialisation, convert the qinfo

to str once, accept trailing dot in the local-zone ipset option.

doc/Changelog

@@ -1,5 +1,7 @@
 2 March 2022: George
 	- Merge PR #632 from scottrw93: Match cnames in ipset.
+	- Various fixes for #632: variable initialisation, convert the qinfo
+	  to str once, accept trailing dot in the local-zone ipset option.
 
 1 March 2022: Wouter
 	- Fix pythonmod for change in iter_dp_is_useless function prototype.

ipset/ipset.c

@@ -138,12 +138,11 @@ ipset_add_rrset_data(struct ipset_env *ie, struct mnl_socket *mnl,
 static int
 ipset_check_zones_for_rrset(struct module_env *env, struct ipset_env *ie,
 	struct mnl_socket *mnl, struct ub_packed_rrset_key *rrset,
-	struct query_info qinfo, const char *setname, int af)
+	const char *qname, const int qlen, const char *setname, int af)
 {
 	static char dname[BUFF_LEN];
-	static char qname[BUFF_LEN];
 	const char *ds, *qs;
-	int dlen, plen, qlen;
+	int dlen, plen;
 
 	struct config_strlist *p;
 	struct packed_rrset_data *d;
@@ -153,16 +152,10 @@ ipset_check_zones_for_rrset(struct module_env *env, struct ipset_env *ie,
 		log_err("bad domain name");
 		return -1;
 	}
-	if (dname[dlen - 1] == '.') {
-		dlen--;
-	}
-
-	qlen = sldns_wire2str_dname_buf(qinfo.qname, qinfo.qname_len, qname, BUFF_LEN);
-	if (qname[qlen - 1] == '.') {
-		qlen--;
-	}
 
 	for (p = env->cfg->local_zones_ipset; p; p = p->next) {
+		ds = NULL;
+		qs = NULL;
 		plen = strlen(p->str);
 
 		if (dlen >= plen) {
@@ -186,47 +179,46 @@ static int ipset_update(struct module_env *env, struct dns_msg *return_msg,
 	struct query_info qinfo, struct ipset_env *ie)
 {
 	struct mnl_socket *mnl;
-
 	size_t i;
-
 	const char *setname;
-
 	struct ub_packed_rrset_key *rrset;
-
 	int af;
-
+	static char qname[BUFF_LEN];
+	int qlen;
 
 	mnl = (struct mnl_socket *)ie->mnl;
 	if (!mnl) {
-		// retry to create mnl socket
+		/* retry to create mnl socket */
 		mnl = open_mnl_socket();
 		if (!mnl) {
 			return -1;
 		}
-
 		ie->mnl = mnl;
 	}
 
-	for (i = 0; i < return_msg->rep->rrset_count; ++i) {
+	qlen = sldns_wire2str_dname_buf(qinfo.qname, qinfo.qname_len,
+		qname, BUFF_LEN);
+	if(qlen == 0) {
+		log_err("bad domain name");
+		return -1;
+	}
+
+	for(i = 0; i < return_msg->rep->rrset_count; i++) {
 		setname = NULL;
-
 		rrset = return_msg->rep->rrsets[i];
-
-		if (rrset->rk.type == htons(LDNS_RR_TYPE_A)) {
+		if(ntohs(rrset->rk.type) == LDNS_RR_TYPE_A &&
+			ie->v4_enabled == 1) {
 			af = AF_INET;
-			if ((ie->v4_enabled == 1)) {
-				setname = ie->name_v4;
-			}
-		} else {
+			setname = ie->name_v4;
+		} else if(ntohs(rrset->rk.type) == LDNS_RR_TYPE_AAAA &&
+			ie->v6_enabled == 1) {
 			af = AF_INET6;
-			if ((ie->v6_enabled == 1)) {
-				setname = ie->name_v6;
-			}
+			setname = ie->name_v6;
 		}
 
 		if (setname) {
 			if(ipset_check_zones_for_rrset(env, ie, mnl, rrset,
-				qinfo, setname, af) == -1)
+				qname, qlen, setname, af) == -1)
 				return -1;
 		}
 	}

testdata/ipset.tdir/ipset.conf

@@ -11,7 +11,7 @@ server:
 	chroot: ""
 	username: ""
 	do-not-query-localhost: no
-	local-zone: "example.net" ipset
+	local-zone: "example.net." ipset
 stub-zone:
 	name: "example.net."
 	stub-addr: "127.0.0.1@@TOPORT@"

util/configparser.h

@@ -1,8 +1,8 @@
-/* A Bison parser, made by GNU Bison 3.6.4.  */
+/* A Bison parser, made by GNU Bison 3.7.6.  */
 
 /* Bison interface for Yacc-like parsers in C
 
-   Copyright (C) 1984, 1989-1990, 2000-2015, 2018-2020 Free Software Foundation,
+   Copyright (C) 1984, 1989-1990, 2000-2015, 2018-2021 Free Software Foundation,
    Inc.
 
    This program is free software: you can redistribute it and/or modify
@@ -16,7 +16,7 @@
    GNU General Public License for more details.
 
    You should have received a copy of the GNU General Public License
-   along with this program.  If not, see <http://www.gnu.org/licenses/>.  */
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
 
 /* As a special exception, you may create a larger work that contains
    part or all of the Bison parser skeleton and distribute that work
@@ -380,6 +380,7 @@ extern int yydebug;
   typedef enum yytokentype yytoken_kind_t;
 #endif
 /* Token kinds.  */
+#define YYEMPTY -2
 #define YYEOF 0
 #define YYerror 256
 #define YYUNDEF 257
@@ -714,7 +715,7 @@ union YYSTYPE
 
 	char*	str;
 
-#line 718 "util/configparser.h"
+#line 719 "util/configparser.h"
 
 };
 typedef union YYSTYPE YYSTYPE;

util/configparser.y

@@ -2175,7 +2175,7 @@ server_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG
 		   && strcmp($3, "noview")!=0
 		   && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0
 		   && strcmp($3, "inform_redirect") != 0
-			 && strcmp($3, "ipset") != 0) {
+		   && strcmp($3, "ipset") != 0) {
 			yyerror("local-zone type: expected static, deny, "
 				"refuse, redirect, transparent, "
 				"typetransparent, inform, inform_deny, "
@@ -2192,6 +2192,16 @@ server_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG
 			free($3);
 #ifdef USE_IPSET
 		} else if(strcmp($3, "ipset")==0) {
+			size_t len = strlen($2);
+			/* Make sure to add the trailing dot.
+			 * These are str compared to domain names. */
+			if($2[len-1] != '.') {
+				if(!($2 = realloc($2, len+2))) {
+					fatal_exit("out of memory adding local-zone");
+				}
+				$2[len] = '.';
+				$2[len+1] = 0;
+			}
 			if(!cfg_strlist_insert(&cfg_parser->cfg->
 				local_zones_ipset, $2))
 				fatal_exit("out of memory adding local-zone");
@@ -2990,6 +3000,16 @@ view_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG
 			free($3);
 #ifdef USE_IPSET
 		} else if(strcmp($3, "ipset")==0) {
+			size_t len = strlen($2);
+			/* Make sure to add the trailing dot.
+			 * These are str compared to domain names. */
+			if($2[len-1] != '.') {
+				if(!($2 = realloc($2, len+2))) {
+					fatal_exit("out of memory adding local-zone");
+				}
+				$2[len] = '.';
+				$2[len+1] = 0;
+			}
 			if(!cfg_strlist_insert(&cfg_parser->cfg->views->
 				local_zones_ipset, $2))
 				fatal_exit("out of memory adding local-zone");