dnsd: fixes various segfaults.

One was a lib api change that was not updated and another is a stack buffer overflow. It also adds support for '*' in dnsd.conf. It resolves all hostnames to a specific ip address. This is useful if you for example want redirect all http traffic to your first-boot-web-wizard on you router/firewall. By Timo Teras
2008-05-22 17:41:01 +00:00 · 2008-05-22 17:41:01 +00:00 · e9b76e1f1e
commit e9b76e1f1e
parent ae84b11467
2 changed files with 16 additions and 9 deletions
--- a/libbb/udp_io.c
+++ b/libbb/udp_io.c
@ -36,11 +36,12 @@ send_to_from(int fd, void *buf, size_t len, int flags,
 #else
 	struct iovec iov[1];
 	struct msghdr msg;
-	char cbuf[sizeof(struct in_pktinfo)
+	union {
 		char cmsg[CMSG_SPACE(sizeof(struct in_pktinfo))];
 #if ENABLE_FEATURE_IPV6 && defined(IPV6_PKTINFO)
-		| sizeof(struct in6_pktinfo) /* (a|b) is poor man's max(a,b) */
+		char cmsg6[CMSG_SPACE(sizeof(struct in6_pktinfo))];
 #endif
-	];
+	} u;
 	struct cmsghdr* cmsgptr;
 	if (from->sa_family != AF_INET
@ -57,15 +58,15 @@ send_to_from(int fd, void *buf, size_t len, int flags,
 	iov[0].iov_base = buf;
 	iov[0].iov_len = len;
-	memset(cbuf, 0, sizeof(cbuf));
+	memset(&u, 0, sizeof(u));
 	memset(&msg, 0, sizeof(msg));
 	msg.msg_name = (void *)(struct sockaddr *)to; /* or compiler will annoy us */
 	msg.msg_namelen = tolen;
 	msg.msg_iov = iov;
 	msg.msg_iovlen = 1;
-	msg.msg_control = cbuf;
+	msg.msg_control = &u;
-	msg.msg_controllen = sizeof(cbuf);
+	msg.msg_controllen = sizeof(u);
 	msg.msg_flags = flags;
 	cmsgptr = CMSG_FIRSTHDR(&msg);
@ -89,6 +90,8 @@ send_to_from(int fd, void *buf, size_t len, int flags,
 		pktptr->ipi6_addr = ((struct sockaddr_in6*)from)->sin6_addr;
 	}
 #endif
 	msg.msg_controllen = cmsgptr->cmsg_len;
 	return sendmsg(fd, &msg, flags);
 #endif
 }
@ -109,7 +112,9 @@ recv_from_to(int fd, void *buf, size_t len, int flags,
 	struct iovec iov[1];
 	union {
 		char cmsg[CMSG_SPACE(sizeof(struct in_pktinfo))];
 #if ENABLE_FEATURE_IPV6 && defined(IPV6_PKTINFO)
 		char cmsg6[CMSG_SPACE(sizeof(struct in6_pktinfo))];
 #endif
 	} u;
 	struct cmsghdr *cmsgptr;
 	struct msghdr msg;
--- a/networking/dnsd.c
+++ b/networking/dnsd.c
@ -194,7 +194,8 @@ static int table_lookup(uint16_t type, uint8_t * as, uint8_t * qs)
 			for (i = 1; i <= (int)(d->name[0]); i++)
 				if (tolower(qs[i]) != d->name[i])
 					break;
-			if (i > (int)(d->name[0])) {
+			if (i > (int)(d->name[0]) ||
 			    (d->name[0] == 1 && d->name[1] == '*')) {
 				strcpy((char *)as, d->ip);
 #if DEBUG
 				fprintf(stderr, " OK as:%s\n", as);
@ -202,7 +203,8 @@ static int table_lookup(uint16_t type, uint8_t * as, uint8_t * qs)
 				return 0;
 			}
 		} else if (type == REQ_PTR) { /* search by IP-address */
-			if (!strncmp((char*)&d->rip[1], (char*)&qs[1], strlen(d->rip)-1)) {
+			if ((d->name[0] != 1 || d->name[1] != '*') &&
 			    !strncmp((char*)&d->rip[1], (char*)&qs[1], strlen(d->rip)-1)) {
 				strcpy((char *)as, d->name);
 				return 0;
 			}
@ -401,7 +403,7 @@ int dnsd_main(int argc ATTRIBUTE_UNUSED, char **argv)
 		r = process_packet(buf);
 		if (r <= 0)
 			continue;
-		send_to_from(udps, buf, r, 0, &to->u.sa, &from->u.sa, lsa->len);
+		send_to_from(udps, buf, r, 0, &from->u.sa, &to->u.sa, lsa->len);
 	}
 	return 0;
 }