[gentoo-commits] gentoo-x86 commit in net-dns/dnsmasq/files: dnsmasq-2.72-Fix-crash-on-receipt-of-certain-malformed-DNS-requests.patch dnsmasq-2.72-Fix-crash-caused-by-looking-up-servers.bind-when-many-servers-defined.patch - gentoo-commits

From:	"Patrick McLean (chutzpah)" <chutzpah@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] gentoo-x86 commit in net-dns/dnsmasq/files: dnsmasq-2.72-Fix-crash-on-receipt-of-certain-malformed-DNS-requests.patch dnsmasq-2.72-Fix-crash-caused-by-looking-up-servers.bind-when-many-servers-defined.patch
Date:	Tue, 28 Apr 2015 18:17:08
Message-Id:	`20150428181657.73F3D977@oystercatcher.gentoo.org`

1

chutzpah    15/04/28 18:16:54

2

3

  Added:               

4

                        dnsmasq-2.72-Fix-crash-on-receipt-of-certain-malformed-DNS-requests.patch

5

                        dnsmasq-2.72-Fix-crash-caused-by-looking-up-servers.bind-when-many-servers-defined.patch

6

  Log:

7

  Revision bump, pull in a couple of crasher fixes from upstream including one that could lead to an information leak (bug #547966). Update dependency on lua to include slot operator. Clean out a couple of old versions.

8

9

  (Portage version: 2.2.18/cvs/Linux x86_64, signed Manifest commit with key 0xE3F69979BB4B8928DA78E3D17CBF44EF)

10

11

Revision  Changes    Path

12

1.1                  net-dns/dnsmasq/files/dnsmasq-2.72-Fix-crash-on-receipt-of-certain-malformed-DNS-requests.patch

13

14

file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-dns/dnsmasq/files/dnsmasq-2.72-Fix-crash-on-receipt-of-certain-malformed-DNS-requests.patch?rev=1.1&view=markup

15

plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-dns/dnsmasq/files/dnsmasq-2.72-Fix-crash-on-receipt-of-certain-malformed-DNS-requests.patch?rev=1.1&content-type=text/plain

16

17

Index: dnsmasq-2.72-Fix-crash-on-receipt-of-certain-malformed-DNS-requests.patch

18

===================================================================

19

commit ad4a8ff7d9097008d7623df8543df435bfddeac8

20

Author: Simon Kelley <simon@××××××××××××××.uk>

21

Date:   Thu Apr 9 21:48:00 2015 +0100

22

23

    Fix crash on receipt of certain malformed DNS requests.

24

25

diff --git a/src/rfc1035.c b/src/rfc1035.c

26

index 7a07b0c..a995ab5 100644

27

--- a/src/rfc1035.c

28

+++ b/src/rfc1035.c

29

@@ -1198,7 +1198,10 @@ unsigned int extract_request(struct dns_header *header, size_t qlen, char *name,

30

 size_t setup_reply(struct dns_header *header, size_t qlen,

31

 		struct all_addr *addrp, unsigned int flags, unsigned long ttl)

32

{

33

-  unsigned char *p = skip_questions(header, qlen);

34

+  unsigned char *p;

35

+

36

+  if (!(p = skip_questions(header, qlen)))

37

+    return 0;

38

39

   /* clear authoritative and truncated flags, set QR flag */

40

   header->hb3 = (header->hb3 & ~(HB3_AA | HB3_TC)) | HB3_QR;

41

@@ -1214,7 +1217,7 @@ size_t setup_reply(struct dns_header *header, size_t qlen,

42

     SET_RCODE(header, NOERROR); /* empty domain */

43

   else if (flags == F_NXDOMAIN)

44

     SET_RCODE(header, NXDOMAIN);

45

-  else if (p && flags == F_IPV4)

46

+  else if (flags == F_IPV4)

47

     { /* we know the address */

48

       SET_RCODE(header, NOERROR);

49

       header->ancount = htons(1);

50

@@ -1222,7 +1225,7 @@ size_t setup_reply(struct dns_header *header, size_t qlen,

51

       add_resource_record(header, NULL, NULL, sizeof(struct dns_header), &p, ttl, NULL, T_A, C_IN, "4", addrp);

52

}

53

 #ifdef HAVE_IPV6

54

-  else if (p && flags == F_IPV6)

55

+  else if (flags == F_IPV6)

56

{

57

       SET_RCODE(header, NOERROR);

58

       header->ancount = htons(1);

1.1                  net-dns/dnsmasq/files/dnsmasq-2.72-Fix-crash-caused-by-looking-up-servers.bind-when-many-servers-defined.patch

63

64

file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-dns/dnsmasq/files/dnsmasq-2.72-Fix-crash-caused-by-looking-up-servers.bind-when-many-servers-defined.patch?rev=1.1&view=markup

65

plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-dns/dnsmasq/files/dnsmasq-2.72-Fix-crash-caused-by-looking-up-servers.bind-when-many-servers-defined.patch?rev=1.1&content-type=text/plain

66

67

Index: dnsmasq-2.72-Fix-crash-caused-by-looking-up-servers.bind-when-many-servers-defined.patch

68

===================================================================

69

commit 04b0ac05377936d121a36873bb63d492cde292c9

70

Author: Simon Kelley <simon@××××××××××××××.uk>

71

Date:   Mon Apr 6 17:19:13 2015 +0100

72

73

    Fix crash caused by looking up servers.bind when many servers defined.

74

75

diff --git a/src/cache.c b/src/cache.c

76

index d7bea57..178d654 100644

77

--- a/src/cache.c

78

+++ b/src/cache.c

79

@@ -1367,7 +1367,7 @@ int cache_make_stat(struct txt_record *t)

80

}

81

 	    port = prettyprint_addr(&serv->addr, daemon->addrbuff);

82

 	    lenp = p++; /* length */

83

-	    bytes_avail = (p - buff) + bufflen;

84

+	    bytes_avail = bufflen - (p - buff );

85

 	    bytes_needed = snprintf(p, bytes_avail, "%s#%d %u %u", daemon->addrbuff, port, queries, failed_queries);

86

 	    if (bytes_needed >= bytes_avail)

87

{

88

@@ -1381,7 +1381,7 @@ int cache_make_stat(struct txt_record *t)

89

 		lenp = p - 1;

90

 		buff = new;

91

 		bufflen = newlen;

92

-		bytes_avail = (p - buff) + bufflen;

93

+		bytes_avail =  bufflen - (p - buff );

94

 		bytes_needed = snprintf(p, bytes_avail, "%s#%d %u %u", daemon->addrbuff, port, queries, failed_queries);

95

}

96

 	    *lenp = bytes_needed;

1	chutzpah 15/04/28 18:16:54
2
3	Added:
4	dnsmasq-2.72-Fix-crash-on-receipt-of-certain-malformed-DNS-requests.patch
5	dnsmasq-2.72-Fix-crash-caused-by-looking-up-servers.bind-when-many-servers-defined.patch
6	Log:
7	Revision bump, pull in a couple of crasher fixes from upstream including one that could lead to an information leak (bug #547966). Update dependency on lua to include slot operator. Clean out a couple of old versions.
8
9	(Portage version: 2.2.18/cvs/Linux x86_64, signed Manifest commit with key 0xE3F69979BB4B8928DA78E3D17CBF44EF)
10
11	Revision Changes Path
12	1.1 net-dns/dnsmasq/files/dnsmasq-2.72-Fix-crash-on-receipt-of-certain-malformed-DNS-requests.patch
13
14	file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-dns/dnsmasq/files/dnsmasq-2.72-Fix-crash-on-receipt-of-certain-malformed-DNS-requests.patch?rev=1.1&view=markup
15	plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-dns/dnsmasq/files/dnsmasq-2.72-Fix-crash-on-receipt-of-certain-malformed-DNS-requests.patch?rev=1.1&content-type=text/plain
16
17	Index: dnsmasq-2.72-Fix-crash-on-receipt-of-certain-malformed-DNS-requests.patch
18	===================================================================
19	commit ad4a8ff7d9097008d7623df8543df435bfddeac8
20	Author: Simon Kelley <simon@××××××××××××××.uk>
21	Date: Thu Apr 9 21:48:00 2015 +0100
22
23	Fix crash on receipt of certain malformed DNS requests.
24
25	diff --git a/src/rfc1035.c b/src/rfc1035.c
26	index 7a07b0c..a995ab5 100644
27	--- a/src/rfc1035.c
28	+++ b/src/rfc1035.c
29	@@ -1198,7 +1198,10 @@ unsigned int extract_request(struct dns_header header, size_t qlen, char name,
30	size_t setup_reply(struct dns_header *header, size_t qlen,
31	struct all_addr *addrp, unsigned int flags, unsigned long ttl)
32	{
33	- unsigned char *p = skip_questions(header, qlen);
34	+ unsigned char *p;
35	+
36	+ if (!(p = skip_questions(header, qlen)))
37	+ return 0;
38
39	/* clear authoritative and truncated flags, set QR flag */
40	header->hb3 = (header->hb3 & ~(HB3_AA \| HB3_TC)) \| HB3_QR;
41	@@ -1214,7 +1217,7 @@ size_t setup_reply(struct dns_header *header, size_t qlen,
42	SET_RCODE(header, NOERROR); /* empty domain */
43	else if (flags == F_NXDOMAIN)
44	SET_RCODE(header, NXDOMAIN);
45	- else if (p && flags == F_IPV4)
46	+ else if (flags == F_IPV4)
47	{ /* we know the address */
48	SET_RCODE(header, NOERROR);
49	header->ancount = htons(1);
50	@@ -1222,7 +1225,7 @@ size_t setup_reply(struct dns_header *header, size_t qlen,
51	add_resource_record(header, NULL, NULL, sizeof(struct dns_header), &p, ttl, NULL, T_A, C_IN, "4", addrp);
52	}
53	#ifdef HAVE_IPV6
54	- else if (p && flags == F_IPV6)
55	+ else if (flags == F_IPV6)
56	{
57	SET_RCODE(header, NOERROR);
58	header->ancount = htons(1);
59
60
61
62	1.1 net-dns/dnsmasq/files/dnsmasq-2.72-Fix-crash-caused-by-looking-up-servers.bind-when-many-servers-defined.patch
63
64	file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-dns/dnsmasq/files/dnsmasq-2.72-Fix-crash-caused-by-looking-up-servers.bind-when-many-servers-defined.patch?rev=1.1&view=markup
65	plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-dns/dnsmasq/files/dnsmasq-2.72-Fix-crash-caused-by-looking-up-servers.bind-when-many-servers-defined.patch?rev=1.1&content-type=text/plain
66
67	Index: dnsmasq-2.72-Fix-crash-caused-by-looking-up-servers.bind-when-many-servers-defined.patch
68	===================================================================
69	commit 04b0ac05377936d121a36873bb63d492cde292c9
70	Author: Simon Kelley <simon@××××××××××××××.uk>
71	Date: Mon Apr 6 17:19:13 2015 +0100
72
73	Fix crash caused by looking up servers.bind when many servers defined.
74
75	diff --git a/src/cache.c b/src/cache.c
76	index d7bea57..178d654 100644
77	--- a/src/cache.c
78	+++ b/src/cache.c
79	@@ -1367,7 +1367,7 @@ int cache_make_stat(struct txt_record *t)
80	}
81	port = prettyprint_addr(&serv->addr, daemon->addrbuff);
82	lenp = p++; /* length */
83	- bytes_avail = (p - buff) + bufflen;
84	+ bytes_avail = bufflen - (p - buff );
85	bytes_needed = snprintf(p, bytes_avail, "%s#%d %u %u", daemon->addrbuff, port, queries, failed_queries);
86	if (bytes_needed >= bytes_avail)
87	{
88	@@ -1381,7 +1381,7 @@ int cache_make_stat(struct txt_record *t)
89	lenp = p - 1;
90	buff = new;
91	bufflen = newlen;
92	- bytes_avail = (p - buff) + bufflen;
93	+ bytes_avail = bufflen - (p - buff );
94	bytes_needed = snprintf(p, bytes_avail, "%s#%d %u %u", daemon->addrbuff, port, queries, failed_queries);
95	}
96	*lenp = bytes_needed;

Gentoo Archives: gentoo-commits