From 1f400b68a8e6b7a1111151b512eaee2c49bae2ad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= Date: Mon, 26 Feb 2018 10:52:58 +0100 Subject: [PATCH 1/3] Do not ignore resolv.conf syntax errors irs_resconf_load() stores the value returned by add_search() into ret without consulting its current value first. This causes any previous errors raised while parsing resolv.conf to be ignored as long as any "domain" or "search" statement is present in the file. Prevent this by returning early in case an error is detected while parsing resolv.conf. Ensure that "searchlist" and "magic" members of the created irs_resconf_t structure are always initialized before isc_resconf_destroy() is called. --- lib/irs/resconf.c | 7 ++++++- lib/irs/tests/resconf_test.c | 6 ++++++ lib/irs/tests/testdata/options-bad-ndots.conf | 11 +++++++++++ lib/irs/tests/testdata/options-empty.conf | 11 +++++++++++ 4 files changed, 34 insertions(+), 1 deletion(-) create mode 100644 lib/irs/tests/testdata/options-bad-ndots.conf create mode 100644 lib/irs/tests/testdata/options-empty.conf diff --git a/lib/irs/resconf.c b/lib/irs/resconf.c index 6cb4ce327a..55a50979cf 100644 --- a/lib/irs/resconf.c +++ b/lib/irs/resconf.c @@ -503,6 +503,7 @@ irs_resconf_load(isc_mem_t *mctx, const char *filename, irs_resconf_t **confp) conf->mctx = mctx; ISC_LIST_INIT(conf->nameservers); + ISC_LIST_INIT(conf->searchlist); conf->numns = 0; conf->domainname = NULL; conf->searchnxt = 0; @@ -557,6 +558,10 @@ irs_resconf_load(isc_mem_t *mctx, const char *filename, irs_resconf_t **confp) } } + if (ret != ISC_R_SUCCESS) { + goto error; + } + /* If we don't find a nameserver fall back to localhost */ if (conf->numns == 0U) { INSIST(ISC_LIST_EMPTY(conf->nameservers)); @@ -570,7 +575,6 @@ irs_resconf_load(isc_mem_t *mctx, const char *filename, irs_resconf_t **confp) * Construct unified search list from domain or configured * search list */ - ISC_LIST_INIT(conf->searchlist); if (conf->domainname != NULL) { ret = add_search(conf, conf->domainname); } else if (conf->searchnxt > 0) { @@ -581,6 +585,7 @@ irs_resconf_load(isc_mem_t *mctx, const char *filename, irs_resconf_t **confp) } } + error: conf->magic = IRS_RESCONF_MAGIC; if (ret != ISC_R_SUCCESS) diff --git a/lib/irs/tests/resconf_test.c b/lib/irs/tests/resconf_test.c index 7f527a83cb..298cdc5668 100644 --- a/lib/irs/tests/resconf_test.c +++ b/lib/irs/tests/resconf_test.c @@ -82,6 +82,12 @@ ATF_TC_BODY(irs_resconf_load, tc) { }, { "testdata/options.conf", ISC_R_SUCCESS, NULL, ISC_R_SUCCESS + }, { + "testdata/options-bad-ndots.conf", ISC_R_RANGE, + NULL, ISC_R_SUCCESS + }, { + "testdata/options-empty.conf", ISC_R_UNEXPECTEDEND, + NULL, ISC_R_SUCCESS }, { "testdata/port.conf", ISC_R_SUCCESS, NULL, ISC_R_SUCCESS diff --git a/lib/irs/tests/testdata/options-bad-ndots.conf b/lib/irs/tests/testdata/options-bad-ndots.conf new file mode 100644 index 0000000000..5c104c74b5 --- /dev/null +++ b/lib/irs/tests/testdata/options-bad-ndots.conf @@ -0,0 +1,11 @@ +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +search example.com example.net +options ndots:256 diff --git a/lib/irs/tests/testdata/options-empty.conf b/lib/irs/tests/testdata/options-empty.conf new file mode 100644 index 0000000000..e8b902ea2d --- /dev/null +++ b/lib/irs/tests/testdata/options-empty.conf @@ -0,0 +1,11 @@ +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +domain example.com +options From 6c09f305ae975255210951b75bbb736a4a804453 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= Date: Mon, 26 Feb 2018 10:41:02 +0100 Subject: [PATCH 2/3] Remove duplicate irs_resconf_load() unit test The "sortlist-v4.conf" unit test for irs_resconf_load() is always run twice due to a duplicate entry in the "tests" table. Remove one of them to prevent this. --- lib/irs/tests/resconf_test.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/lib/irs/tests/resconf_test.c b/lib/irs/tests/resconf_test.c index 298cdc5668..488ed5ba02 100644 --- a/lib/irs/tests/resconf_test.c +++ b/lib/irs/tests/resconf_test.c @@ -56,9 +56,6 @@ ATF_TC_BODY(irs_resconf_load, tc) { isc_result_t checkres; } tests[] = { { - "testdata/sortlist-v4.conf", ISC_R_SUCCESS, - NULL, ISC_R_SUCCESS - }, { "testdata/domain.conf", ISC_R_SUCCESS, NULL, ISC_R_SUCCESS }, { From 1f18d3380416b0dc9ae91ee71133532d93d2cfc9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= Date: Mon, 26 Feb 2018 13:23:06 +0100 Subject: [PATCH 3/3] Add CHANGES entry 4905. [bug] irs_resconf_load() ignored resolv.conf syntax errors when "domain" or "search" options were present in that file. [GL #110] --- CHANGES | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index 558698f8f0..ffec9afc73 100644 --- a/CHANGES +++ b/CHANGES @@ -1,4 +1,8 @@ -4904. [bug] Temporarily revert change #4859. [GL #124] +4905. [bug] irs_resconf_load() ignored resolv.conf syntax errors + when "domain" or "search" options were present in that + file. [GL #110] + +4904. [bug] Temporarily revert change #4859. [GL #124] 4903. [bug] "check-mx fail;" did not prevent MX records containing IP addresses from being added to a zone by a dynamic