aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDag-Erling Smørgrav <des@FreeBSD.org>2024-05-15 10:16:24 +0000
committerGordon Tetlow <gordon@FreeBSD.org>2024-06-18 17:32:56 +0000
commitbdf75e830a77a16ec0baf1c9367f64c6b96c5e02 (patch)
treeecd17631ef6be2e5196379e8bbc5dd6acdfbd624
parentd338712beb16ad7740bbd00bd93299a131a68045 (diff)
downloadsrc-bdf75e830a77a16ec0baf1c9367f64c6b96c5e02.tar.gz
src-bdf75e830a77a16ec0baf1c9367f64c6b96c5e02.zip
ldns: Ignore commented-out lines in resolv.conf.
This merges upstream PR 238 + an additional bug fix. PR: 278721 Approved by: so Security: FreeBSD-EN-24:11.ldns (cherry picked from commit 3b092e4936c433889cc668ea9563c8fd437d1a3e) (cherry picked from commit 7daf36028411c3a9c73e0c75732f9cbcbf66362e)
-rw-r--r--contrib/ldns/ldns/parse.h2
-rw-r--r--contrib/ldns/parse.c35
-rw-r--r--contrib/ldns/resolver.c53
3 files changed, 42 insertions, 48 deletions
diff --git a/contrib/ldns/ldns/parse.h b/contrib/ldns/ldns/parse.h
index ba7edf5679d8..6130dae32bd2 100644
--- a/contrib/ldns/ldns/parse.h
+++ b/contrib/ldns/ldns/parse.h
@@ -95,6 +95,8 @@ ssize_t ldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit,
*/
ldns_status ldns_fget_token_l_st(FILE *f, char **token, size_t *limit, bool fixed, const char *delim, int *line_nr);
+ssize_t ldns_fget_token_l_resolv_conf(FILE *f, char *token, const char *delim, size_t limit, int *line_nr);
+
/**
* returns a token/char from the buffer b.
* This function deals with ( and ) in the buffer,
diff --git a/contrib/ldns/parse.c b/contrib/ldns/parse.c
index 9698ba71e881..af8b2c1321b2 100644
--- a/contrib/ldns/parse.c
+++ b/contrib/ldns/parse.c
@@ -27,9 +27,14 @@ ldns_fget_token(FILE *f, char *token, const char *delim, size_t limit)
return ldns_fget_token_l(f, token, delim, limit, NULL);
}
-ldns_status
-ldns_fget_token_l_st(FILE *f, char **token, size_t *limit, bool fixed
- , const char *delim, int *line_nr)
+enum file_type2parse {
+ zone_file_type, resolv_conf_file_type
+};
+
+static ldns_status
+ldns_fget_token_l_st_file_type(FILE *f, char **token, size_t *limit,
+ bool fixed, const char *delim, int *line_nr,
+ enum file_type2parse file_type)
{
int c, prev_c;
int p; /* 0 -> no parentheses seen, >0 nr of ( seen */
@@ -98,7 +103,9 @@ ldns_fget_token_l_st(FILE *f, char **token, size_t *limit, bool fixed
}
/* do something with comments ; */
- if (c == ';' && quoted == 0) {
+ if ((c == ';'
+ || (c == '#' && file_type == resolv_conf_file_type))
+ && quoted == 0) {
if (prev_c != '\\') {
com = 1;
}
@@ -215,6 +222,26 @@ tokenread:
return i == 0 ? LDNS_STATUS_SYNTAX_EMPTY : LDNS_STATUS_OK;
}
+ldns_status
+ldns_fget_token_l_st(FILE *f, char **token, size_t *limit, bool fixed
+ , const char *delim, int *line_nr)
+{
+ return ldns_fget_token_l_st_file_type(
+ f, token, limit, fixed, delim, line_nr, zone_file_type);
+}
+
+ssize_t
+ldns_fget_token_l_resolv_conf(FILE *f, char *token, const char *delim,
+ size_t limit, int *line_nr)
+{
+ if (limit == 0)
+ limit = LDNS_MAX_LINELEN;
+ if (ldns_fget_token_l_st_file_type(f, &token, &limit, true, delim,
+ line_nr, resolv_conf_file_type))
+ return -1;
+ else
+ return (ssize_t)strlen(token);
+}
ssize_t
ldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *line_nr)
diff --git a/contrib/ldns/resolver.c b/contrib/ldns/resolver.c
index f9ec65a55966..a426b82c034e 100644
--- a/contrib/ldns/resolver.c
+++ b/contrib/ldns/resolver.c
@@ -775,7 +775,7 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr)
#endif
ssize_t gtr, bgtr;
ldns_buffer *b;
- int lnr = 0, oldline;
+ int lnr = 0;
FILE* myfp = fp;
if(!line_nr) line_nr = &lnr;
@@ -809,36 +809,18 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr)
gtr = 1;
word[0] = 0;
- oldline = *line_nr;
expect = LDNS_RESOLV_KEYWORD;
while (gtr > 0) {
- /* check comments */
- if (word[0] == '#') {
- word[0]='x';
- if(oldline == *line_nr) {
- /* skip until end of line */
- int c;
- do {
- c = fgetc(myfp);
- } while(c != EOF && c != '\n');
- if(c=='\n') (*line_nr)++;
- }
- /* and read next to prepare for further parsing */
- oldline = *line_nr;
- continue;
- }
- oldline = *line_nr;
switch(expect) {
case LDNS_RESOLV_KEYWORD:
/* keyword */
- gtr = ldns_fget_token_l(myfp, word, LDNS_PARSE_NORMAL, 0, line_nr);
+ gtr = ldns_fget_token_l_resolv_conf(myfp, word, LDNS_PARSE_NORMAL, 0, line_nr);
if (gtr != 0) {
- if(word[0] == '#') continue;
for(i = 0; i < LDNS_RESOLV_KEYWORDS; i++) {
if (strcasecmp(keyword[i], word) == 0) {
/* chosen the keyword and
* expect values carefully
- */
+ */
expect = i;
break;
}
@@ -856,16 +838,12 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr)
break;
case LDNS_RESOLV_DEFDOMAIN:
/* default domain dname */
- gtr = ldns_fget_token_l(myfp, word, LDNS_PARSE_NORMAL, 0, line_nr);
+ gtr = ldns_fget_token_l_resolv_conf(myfp, word, LDNS_PARSE_NORMAL, 0, line_nr);
if (gtr == 0) {
if(!fp) fclose(myfp);
ldns_resolver_deep_free(r);
return LDNS_STATUS_SYNTAX_MISSING_VALUE_ERR;
}
- if(word[0] == '#') {
- expect = LDNS_RESOLV_KEYWORD;
- continue;
- }
tmp = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, word);
if (!tmp) {
if(!fp) fclose(myfp);
@@ -879,16 +857,12 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr)
break;
case LDNS_RESOLV_NAMESERVER:
/* NS aaaa or a record */
- gtr = ldns_fget_token_l(myfp, word, LDNS_PARSE_NORMAL, 0, line_nr);
+ gtr = ldns_fget_token_l_resolv_conf(myfp, word, LDNS_PARSE_NORMAL, 0, line_nr);
if (gtr == 0) {
if(!fp) fclose(myfp);
ldns_resolver_deep_free(r);
return LDNS_STATUS_SYNTAX_MISSING_VALUE_ERR;
}
- if(word[0] == '#') {
- expect = LDNS_RESOLV_KEYWORD;
- continue;
- }
if(strchr(word, '%')) {
/* snip off interface labels,
* fe80::222:19ff:fe31:4222%eth0 */
@@ -911,7 +885,7 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr)
break;
case LDNS_RESOLV_SEARCH:
/* search list domain dname */
- gtr = ldns_fget_token_l(myfp, word, LDNS_PARSE_SKIP_SPACE, 0, line_nr);
+ gtr = ldns_fget_token_l_resolv_conf(myfp, word, LDNS_PARSE_SKIP_SPACE, 0, line_nr);
b = LDNS_MALLOC(ldns_buffer);
if(!b) {
ldns_resolver_deep_free(r);
@@ -929,10 +903,6 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr)
bgtr = ldns_bget_token(b, word, LDNS_PARSE_NORMAL, (size_t) gtr + 1);
while (bgtr > 0) {
gtr -= bgtr;
- if(word[0] == '#') {
- expect = LDNS_RESOLV_KEYWORD;
- break;
- }
tmp = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, word);
if (!tmp) {
ldns_resolver_deep_free(r);
@@ -954,28 +924,23 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr)
}
break;
case LDNS_RESOLV_SORTLIST:
- gtr = ldns_fget_token_l(myfp, word, LDNS_PARSE_SKIP_SPACE, 0, line_nr);
+ gtr = ldns_fget_token_l_resolv_conf(myfp, word, LDNS_PARSE_SKIP_SPACE, 0, line_nr);
/* sortlist not implemented atm */
expect = LDNS_RESOLV_KEYWORD;
break;
case LDNS_RESOLV_OPTIONS:
- gtr = ldns_fget_token_l(myfp, word, LDNS_PARSE_SKIP_SPACE, 0, line_nr);
+ gtr = ldns_fget_token_l_resolv_conf(myfp, word, LDNS_PARSE_SKIP_SPACE, 0, line_nr);
/* options not implemented atm */
expect = LDNS_RESOLV_KEYWORD;
break;
case LDNS_RESOLV_ANCHOR:
/* a file containing a DNSSEC trust anchor */
- gtr = ldns_fget_token_l(myfp, word, LDNS_PARSE_NORMAL, 0, line_nr);
+ gtr = ldns_fget_token_l_resolv_conf(myfp, word, LDNS_PARSE_NORMAL, 0, line_nr);
if (gtr == 0) {
ldns_resolver_deep_free(r);
if(!fp) fclose(myfp);
return LDNS_STATUS_SYNTAX_MISSING_VALUE_ERR;
}
- if(word[0] == '#') {
- expect = LDNS_RESOLV_KEYWORD;
- continue;
- }
-
#ifdef HAVE_SSL
tmp_rr = ldns_read_anchor_file(word);
(void) ldns_resolver_push_dnssec_anchor(r, tmp_rr);