diff options
author | Dag-Erling Smørgrav <des@FreeBSD.org> | 2019-02-06 12:31:02 +0000 |
---|---|---|
committer | Dag-Erling Smørgrav <des@FreeBSD.org> | 2019-02-06 12:31:02 +0000 |
commit | 9c9d011eed674ddd7e4a0a148691887afb9e75cd (patch) | |
tree | cd45bceeed24e66e5b2838e8589d2c111cf691c6 /contrib | |
parent | 089d83fbd0b24f957b753d440f188ddadaabf4ff (diff) | |
download | src-9c9d011eed674ddd7e4a0a148691887afb9e75cd.tar.gz src-9c9d011eed674ddd7e4a0a148691887afb9e75cd.zip |
Vendor import of Unbound 1.9.0.vendor/unbound/1.9.0
Notes
Notes:
svn path=/vendor/unbound/dist/; revision=343835
svn path=/vendor/unbound/1.9.0/; revision=343836; tag=vendor/unbound/1.9.0
Diffstat (limited to 'contrib')
-rw-r--r-- | contrib/README | 2 | ||||
-rw-r--r-- | contrib/fastrpz.patch | 114 | ||||
-rw-r--r-- | contrib/unbound-fuzzme.patch | 148 |
3 files changed, 207 insertions, 57 deletions
diff --git a/contrib/README b/contrib/README index 2b5e754247ac..262ccc7db42d 100644 --- a/contrib/README +++ b/contrib/README @@ -38,3 +38,5 @@ distribution but may be helpful. * unbound-querycachedb.py: utility to show data stored in cachedb backend for a particular query name and type. It requires dnspython and (for redis backend) redis Python modules. +* unbound-fuzzme.patch: adds unbound-fuzzme program that parses a packet from + stdin. Used with fuzzers, patch from Jacob Hoffman-Andrews. diff --git a/contrib/fastrpz.patch b/contrib/fastrpz.patch index 590f843d9fa5..0291ea3d81a4 100644 --- a/contrib/fastrpz.patch +++ b/contrib/fastrpz.patch @@ -3,7 +3,7 @@ Author: fastrpz@farsightsecurity.com --- Index: unboundfastrpz/Makefile.in =================================================================== ---- unboundfastrpz/Makefile.in (revision 4923) +--- unboundfastrpz/Makefile.in (revision 5073) +++ unboundfastrpz/Makefile.in (working copy) @@ -23,6 +23,8 @@ CHECKLOCK_OBJ=@CHECKLOCK_OBJ@ @@ -46,9 +46,9 @@ Index: unboundfastrpz/Makefile.in pythonmod/interface.h \ Index: unboundfastrpz/config.h.in =================================================================== ---- unboundfastrpz/config.h.in (revision 4923) +--- unboundfastrpz/config.h.in (revision 5073) +++ unboundfastrpz/config.h.in (working copy) -@@ -1272,4 +1272,11 @@ +@@ -1293,4 +1293,11 @@ /** the version of unbound-control that this software implements */ #define UNBOUND_CONTROL_VERSION 1 @@ -63,7 +63,7 @@ Index: unboundfastrpz/config.h.in +#undef ENABLE_FASTRPZ Index: unboundfastrpz/configure.ac =================================================================== ---- unboundfastrpz/configure.ac (revision 4923) +--- unboundfastrpz/configure.ac (revision 5073) +++ unboundfastrpz/configure.ac (working copy) @@ -6,6 +6,7 @@ sinclude(acx_python.m4) @@ -73,7 +73,7 @@ Index: unboundfastrpz/configure.ac sinclude(dnscrypt/dnscrypt.m4) # must be numbers. ac_defun because of later processing -@@ -1565,6 +1566,9 @@ +@@ -1575,6 +1576,9 @@ ;; esac @@ -85,7 +85,7 @@ Index: unboundfastrpz/configure.ac # on Solaris, it does not work ($? is changed sources, $^ lists dependencies). Index: unboundfastrpz/daemon/daemon.c =================================================================== ---- unboundfastrpz/daemon/daemon.c (revision 4923) +--- unboundfastrpz/daemon/daemon.c (revision 5073) +++ unboundfastrpz/daemon/daemon.c (working copy) @@ -91,6 +91,9 @@ #include "sldns/keyraw.h" @@ -124,7 +124,7 @@ Index: unboundfastrpz/daemon/daemon.c Index: unboundfastrpz/daemon/daemon.h =================================================================== ---- unboundfastrpz/daemon/daemon.h (revision 4923) +--- unboundfastrpz/daemon/daemon.h (revision 5073) +++ unboundfastrpz/daemon/daemon.h (working copy) @@ -136,6 +136,11 @@ /** the dnscrypt environment */ @@ -140,7 +140,7 @@ Index: unboundfastrpz/daemon/daemon.h /** Index: unboundfastrpz/daemon/worker.c =================================================================== ---- unboundfastrpz/daemon/worker.c (revision 4923) +--- unboundfastrpz/daemon/worker.c (revision 5073) +++ unboundfastrpz/daemon/worker.c (working copy) @@ -75,6 +75,9 @@ #include "libunbound/context.h" @@ -268,9 +268,9 @@ Index: unboundfastrpz/daemon/worker.c verbose(VERB_ALGO, "answer norec from cache -- " Index: unboundfastrpz/doc/unbound.conf.5.in =================================================================== ---- unboundfastrpz/doc/unbound.conf.5.in (revision 4923) +--- unboundfastrpz/doc/unbound.conf.5.in (revision 5073) +++ unboundfastrpz/doc/unbound.conf.5.in (working copy) -@@ -1728,6 +1728,81 @@ +@@ -1781,6 +1781,81 @@ used by dns64 processing instead. Can be entered multiple times, list a new domain for which it applies, one per line. Applies also to names underneath the name given. @@ -2885,7 +2885,7 @@ Index: unboundfastrpz/fastrpz/rpz.m4 +]) Index: unboundfastrpz/iterator/iterator.c =================================================================== ---- unboundfastrpz/iterator/iterator.c (revision 4923) +--- unboundfastrpz/iterator/iterator.c (revision 5073) +++ unboundfastrpz/iterator/iterator.c (working copy) @@ -68,6 +68,9 @@ #include "sldns/str2wire.h" @@ -2895,9 +2895,9 @@ Index: unboundfastrpz/iterator/iterator.c +#include "fastrpz/rpz.h" +#endif - int - iter_init(struct module_env* env, int id) -@@ -525,6 +528,23 @@ + /* in msec */ + int UNKNOWN_SERVER_NICENESS = 376; +@@ -551,6 +554,23 @@ if(ntohs(r->rk.type) == LDNS_RR_TYPE_CNAME && query_dname_compare(*mname, r->rk.dname) == 0 && !iter_find_rrset_in_prepend_answer(iq, r)) { @@ -2921,7 +2921,7 @@ Index: unboundfastrpz/iterator/iterator.c /* Add this relevant CNAME rrset to the prepend list.*/ if(!iter_add_prepend_answer(qstate, iq, r)) return 0; -@@ -533,6 +553,9 @@ +@@ -559,6 +579,9 @@ /* Other rrsets in the section are ignored. */ } @@ -2931,7 +2931,7 @@ Index: unboundfastrpz/iterator/iterator.c /* add authority rrsets to authority prepend, for wildcarded CNAMEs */ for(i=msg->rep->an_numrrsets; i<msg->rep->an_numrrsets + msg->rep->ns_numrrsets; i++) { -@@ -1216,6 +1239,7 @@ +@@ -1195,6 +1218,7 @@ uint8_t* delname; size_t delnamelen; struct dns_msg* msg = NULL; @@ -2939,7 +2939,7 @@ Index: unboundfastrpz/iterator/iterator.c log_query_info(VERB_DETAIL, "resolving", &qstate->qinfo); /* check effort */ -@@ -1302,8 +1326,7 @@ +@@ -1281,8 +1305,7 @@ } if(msg) { /* handle positive cache response */ @@ -2949,7 +2949,7 @@ Index: unboundfastrpz/iterator/iterator.c if(verbosity >= VERB_ALGO) { log_dns_msg("msg from cache lookup", &msg->qinfo, msg->rep); -@@ -1311,7 +1334,22 @@ +@@ -1290,7 +1313,22 @@ (int)msg->rep->ttl, (int)msg->rep->prefetch_ttl); } @@ -2972,7 +2972,7 @@ Index: unboundfastrpz/iterator/iterator.c if(type == RESPONSE_TYPE_CNAME) { uint8_t* sname = 0; size_t slen = 0; -@@ -2716,6 +2754,62 @@ +@@ -2694,6 +2732,62 @@ sock_list_insert(&qstate->reply_origin, &qstate->reply->addr, qstate->reply->addrlen, qstate->region); @@ -3035,7 +3035,7 @@ Index: unboundfastrpz/iterator/iterator.c if(iq->minimisation_state != DONOT_MINIMISE_STATE && !(iq->chase_flags & BIT_RD)) { if(FLAGS_GET_RCODE(iq->response->rep->flags) != -@@ -3462,6 +3556,10 @@ +@@ -3440,6 +3534,10 @@ * but only if we did recursion. The nonrecursion referral * from cache does not need to be stored in the msg cache. */ if(!qstate->no_cache_store && qstate->query_flags&BIT_RD) { @@ -3046,7 +3046,7 @@ Index: unboundfastrpz/iterator/iterator.c iter_dns_store(qstate->env, &qstate->qinfo, iq->response->rep, 0, qstate->prefetch_leeway, iq->dp&&iq->dp->has_parent_side_NS, -@@ -3468,6 +3566,34 @@ +@@ -3446,6 +3544,34 @@ qstate->region, qstate->query_flags); } } @@ -3083,7 +3083,7 @@ Index: unboundfastrpz/iterator/iterator.c return 0; Index: unboundfastrpz/iterator/iterator.h =================================================================== ---- unboundfastrpz/iterator/iterator.h (revision 4923) +--- unboundfastrpz/iterator/iterator.h (revision 5073) +++ unboundfastrpz/iterator/iterator.h (working copy) @@ -386,6 +386,16 @@ */ @@ -3104,9 +3104,9 @@ Index: unboundfastrpz/iterator/iterator.h * the QNAME minimisation QTYPE is blocked. */ Index: unboundfastrpz/services/cache/dns.c =================================================================== ---- unboundfastrpz/services/cache/dns.c (revision 4923) +--- unboundfastrpz/services/cache/dns.c (revision 5073) +++ unboundfastrpz/services/cache/dns.c (working copy) -@@ -928,6 +928,14 @@ +@@ -939,6 +939,14 @@ struct regional* region, uint32_t flags) { struct reply_info* rep = NULL; @@ -3123,7 +3123,7 @@ Index: unboundfastrpz/services/cache/dns.c if(!rep) Index: unboundfastrpz/services/mesh.c =================================================================== ---- unboundfastrpz/services/mesh.c (revision 4923) +--- unboundfastrpz/services/mesh.c (revision 5073) +++ unboundfastrpz/services/mesh.c (working copy) @@ -60,6 +60,9 @@ #include "sldns/wire2str.h" @@ -3133,9 +3133,9 @@ Index: unboundfastrpz/services/mesh.c +#include "fastrpz/rpz.h" +#endif #include "respip/respip.h" + #include "services/listen_dnsport.h" - /** subtract timers and the values do not overflow or become negative */ -@@ -1057,6 +1060,13 @@ +@@ -1072,6 +1075,13 @@ else secure = 0; if(!rep && rcode == LDNS_RCODE_NOERROR) rcode = LDNS_RCODE_SERVFAIL; @@ -3149,7 +3149,7 @@ Index: unboundfastrpz/services/mesh.c /* send the reply */ /* We don't reuse the encoded answer if either the previous or current * response has a local alias. We could compare the alias records -@@ -1230,6 +1240,7 @@ +@@ -1247,6 +1257,7 @@ key.s.is_valrec = valrec; key.s.qinfo = *qinfo; key.s.query_flags = qflags; @@ -3157,7 +3157,7 @@ Index: unboundfastrpz/services/mesh.c /* We are searching for a similar mesh state when we DO want to * aggregate the state. Thus unique is set to NULL. (default when we * desire aggregation).*/ -@@ -1276,6 +1287,10 @@ +@@ -1293,6 +1304,10 @@ if(!r) return 0; r->query_reply = *rep; @@ -3170,9 +3170,9 @@ Index: unboundfastrpz/services/mesh.c r->edns.opt_list = edns_opt_copy_region(edns->opt_list, Index: unboundfastrpz/util/config_file.c =================================================================== ---- unboundfastrpz/util/config_file.c (revision 4923) +--- unboundfastrpz/util/config_file.c (revision 5073) +++ unboundfastrpz/util/config_file.c (working copy) -@@ -1386,6 +1386,8 @@ +@@ -1418,6 +1418,8 @@ free(cfg->dnstap_socket_path); free(cfg->dnstap_identity); free(cfg->dnstap_version); @@ -3183,9 +3183,9 @@ Index: unboundfastrpz/util/config_file.c #ifdef USE_IPSECMOD Index: unboundfastrpz/util/config_file.h =================================================================== ---- unboundfastrpz/util/config_file.h (revision 4923) +--- unboundfastrpz/util/config_file.h (revision 5073) +++ unboundfastrpz/util/config_file.h (working copy) -@@ -468,6 +468,11 @@ +@@ -490,6 +490,11 @@ /** true to disable DNSSEC lameness check in iterator */ int disable_dnssec_lame_check; @@ -3199,9 +3199,9 @@ Index: unboundfastrpz/util/config_file.h /** number of slabs for ip_ratelimit cache */ Index: unboundfastrpz/util/configlexer.lex =================================================================== ---- unboundfastrpz/util/configlexer.lex (revision 4923) +--- unboundfastrpz/util/configlexer.lex (revision 5073) +++ unboundfastrpz/util/configlexer.lex (working copy) -@@ -429,6 +429,10 @@ +@@ -439,6 +439,10 @@ YDVAR(1, VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES) } dnstap-log-forwarder-response-messages{COLON} { YDVAR(1, VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES) } @@ -3214,7 +3214,7 @@ Index: unboundfastrpz/util/configlexer.lex ratelimit{COLON} { YDVAR(1, VAR_RATELIMIT) } Index: unboundfastrpz/util/configparser.y =================================================================== ---- unboundfastrpz/util/configparser.y (revision 4923) +--- unboundfastrpz/util/configparser.y (revision 5073) +++ unboundfastrpz/util/configparser.y (working copy) @@ -125,6 +125,7 @@ %token VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES @@ -3224,7 +3224,7 @@ Index: unboundfastrpz/util/configparser.y %token VAR_RESPONSE_IP_TAG VAR_RESPONSE_IP VAR_RESPONSE_IP_DATA %token VAR_HARDEN_ALGO_DOWNGRADE VAR_IP_TRANSPARENT %token VAR_DISABLE_DNSSEC_LAME_CHECK -@@ -164,7 +165,7 @@ +@@ -170,7 +171,7 @@ %% toplevelvars: /* empty */ | toplevelvars toplevelvar ; @@ -3233,8 +3233,8 @@ Index: unboundfastrpz/util/configparser.y forwardstart contents_forward | pythonstart contents_py | rcstart contents_rc | dtstart contents_dt | viewstart contents_view | dnscstart contents_dnsc | cachedbstart contents_cachedb | -@@ -2546,6 +2547,50 @@ - (strcmp($2, "yes")==0); +@@ -2708,6 +2709,50 @@ + free($2); } ; +rpzstart: VAR_RPZ @@ -3286,9 +3286,9 @@ Index: unboundfastrpz/util/configparser.y OUTYY(("\nP(python:)\n")); Index: unboundfastrpz/util/data/msgencode.c =================================================================== ---- unboundfastrpz/util/data/msgencode.c (revision 4923) +--- unboundfastrpz/util/data/msgencode.c (revision 5073) +++ unboundfastrpz/util/data/msgencode.c (working copy) -@@ -585,6 +585,35 @@ +@@ -590,6 +590,35 @@ return RETVAL_OK; } @@ -3324,7 +3324,7 @@ Index: unboundfastrpz/util/data/msgencode.c /** store query section in wireformat buffer, return RETVAL */ static int insert_query(struct query_info* qinfo, struct compress_tree_node** tree, -@@ -748,6 +777,19 @@ +@@ -753,6 +782,19 @@ return 0; } sldns_buffer_write_u16_at(buffer, 10, arcount); @@ -3346,7 +3346,7 @@ Index: unboundfastrpz/util/data/msgencode.c return 1; Index: unboundfastrpz/util/data/packed_rrset.c =================================================================== ---- unboundfastrpz/util/data/packed_rrset.c (revision 4923) +--- unboundfastrpz/util/data/packed_rrset.c (revision 5073) +++ unboundfastrpz/util/data/packed_rrset.c (working copy) @@ -255,6 +255,10 @@ case sec_status_insecure: return "sec_status_insecure"; @@ -3361,7 +3361,7 @@ Index: unboundfastrpz/util/data/packed_rrset.c } Index: unboundfastrpz/util/data/packed_rrset.h =================================================================== ---- unboundfastrpz/util/data/packed_rrset.h (revision 4923) +--- unboundfastrpz/util/data/packed_rrset.h (revision 5073) +++ unboundfastrpz/util/data/packed_rrset.h (working copy) @@ -193,7 +193,15 @@ sec_status_secure_sentinel_fail, @@ -3382,9 +3382,9 @@ Index: unboundfastrpz/util/data/packed_rrset.h /** Index: unboundfastrpz/util/netevent.c =================================================================== ---- unboundfastrpz/util/netevent.c (revision 4923) +--- unboundfastrpz/util/netevent.c (revision 5073) +++ unboundfastrpz/util/netevent.c (working copy) -@@ -56,6 +56,9 @@ +@@ -57,6 +57,9 @@ #ifdef HAVE_OPENSSL_ERR_H #include <openssl/err.h> #endif @@ -3394,7 +3394,7 @@ Index: unboundfastrpz/util/netevent.c /* -------- Start of local definitions -------- */ /** if CMSG_ALIGN is not defined on this platform, a workaround */ -@@ -588,6 +591,9 @@ +@@ -590,6 +593,9 @@ struct cmsghdr* cmsg; #endif /* S_SPLINT_S */ @@ -3404,7 +3404,7 @@ Index: unboundfastrpz/util/netevent.c rep.c = (struct comm_point*)arg; log_assert(rep.c->type == comm_udp); -@@ -677,6 +683,9 @@ +@@ -679,6 +685,9 @@ int i; struct sldns_buffer *buffer; @@ -3414,7 +3414,7 @@ Index: unboundfastrpz/util/netevent.c rep.c = (struct comm_point*)arg; log_assert(rep.c->type == comm_udp); -@@ -720,6 +729,9 @@ +@@ -722,6 +731,9 @@ (void)comm_point_send_udp_msg(rep.c, buffer, (struct sockaddr*)&rep.addr, rep.addrlen); } @@ -3424,9 +3424,9 @@ Index: unboundfastrpz/util/netevent.c if(!rep.c || rep.c->fd != fd) /* commpoint closed to -1 or reused for another UDP port. Note rep.c cannot be reused with TCP fd. */ break; -@@ -3035,6 +3047,9 @@ - comm_point_start_listening(repinfo->c, -1, - repinfo->c->tcp_timeout_msec); +@@ -3108,6 +3120,9 @@ + repinfo->c->tcp_timeout_msec); + } } +#ifdef ENABLE_FASTRPZ + rpz_end(repinfo); @@ -3434,7 +3434,7 @@ Index: unboundfastrpz/util/netevent.c } void -@@ -3044,6 +3059,9 @@ +@@ -3117,6 +3132,9 @@ return; log_assert(repinfo && repinfo->c); log_assert(repinfo->c->type != comm_tcp_accept); @@ -3443,8 +3443,8 @@ Index: unboundfastrpz/util/netevent.c +#endif if(repinfo->c->type == comm_udp) return; - reclaim_tcp_handler(repinfo->c); -@@ -3063,6 +3081,9 @@ + if(repinfo->c->tcp_req_info) +@@ -3138,6 +3156,9 @@ { verbose(VERB_ALGO, "comm point start listening %d", c->fd==-1?newfd:c->fd); @@ -3456,7 +3456,7 @@ Index: unboundfastrpz/util/netevent.c return; Index: unboundfastrpz/util/netevent.h =================================================================== ---- unboundfastrpz/util/netevent.h (revision 4923) +--- unboundfastrpz/util/netevent.h (revision 5073) +++ unboundfastrpz/util/netevent.h (working copy) @@ -120,6 +120,10 @@ /** return type 0 (none), 4(IP4), 6(IP6) */ @@ -3471,7 +3471,7 @@ Index: unboundfastrpz/util/netevent.h uint8_t nmkey[crypto_box_BEFORENMBYTES]; Index: unboundfastrpz/validator/validator.c =================================================================== ---- unboundfastrpz/validator/validator.c (revision 4923) +--- unboundfastrpz/validator/validator.c (revision 5073) +++ unboundfastrpz/validator/validator.c (working copy) @@ -2755,6 +2755,12 @@ default: diff --git a/contrib/unbound-fuzzme.patch b/contrib/unbound-fuzzme.patch new file mode 100644 index 000000000000..a2f3e1db313b --- /dev/null +++ b/contrib/unbound-fuzzme.patch @@ -0,0 +1,148 @@ +>From cc9b927f8f29d989ddb8415fe6508a538546abca Mon Sep 17 00:00:00 2001 +From: Jacob Hoffman-Andrews <github@hoffman-andrews.com> +Date: Wed, 2 Jan 2019 22:52:51 -0800 +Subject: [PATCH] Add unbound-fuzzme. + +This is a small program that simply parses a packet provided on stdout, +for the purposes of fuzzing. +--- + .gitignore | 1 + + Makefile.in | 22 ++++++++++++++++++++-- + smallapp/unbound-fuzzme.c | 38 ++++++++++++++++++++++++++++++++++++++ + 3 files changed, 59 insertions(+), 2 deletions(-) + create mode 100644 smallapp/unbound-fuzzme.c + +diff --git a/.gitignore b/.gitignore +index f4527fd8..6163f905 100644 +--- a/.gitignore ++++ b/.gitignore +@@ -24,6 +24,7 @@ + /unbound-checkconf + /unbound-control + /unbound-control-setup ++/unbound-fuzzme + /unbound-host + /unbound.h + /asynclook +diff --git a/Makefile.in b/Makefile.in +index af5b10f6..dacf1ab5 100644 +--- a/Makefile.in ++++ b/Makefile.in +@@ -177,6 +177,10 @@ shm_main.lo remote.lo stats.lo unbound.lo \ + worker.lo @WIN_DAEMON_OBJ@ + DAEMON_OBJ_LINK=$(DAEMON_OBJ) $(COMMON_OBJ_ALL_SYMBOLS) $(SLDNS_OBJ) \ + $(COMPAT_OBJ) @WIN_DAEMON_OBJ_LINK@ ++FUZZME_SRC=smallapp/unbound-fuzzme.c ++FUZZME_OBJ=unbound-fuzzme.lo ++FUZZME_OBJ_LINK=$(FUZZME_OBJ) worker_cb.lo $(COMMON_OBJ_ALL_SYMBOLS) $(SLDNS_OBJ) \ ++$(COMPAT_OBJ) + CHECKCONF_SRC=smallapp/unbound-checkconf.c smallapp/worker_cb.c + CHECKCONF_OBJ=unbound-checkconf.lo worker_cb.lo + CHECKCONF_OBJ_LINK=$(CHECKCONF_OBJ) $(COMMON_OBJ_ALL_SYMBOLS) $(SLDNS_OBJ) \ +@@ -252,6 +256,7 @@ RSRC_OBJ=rsrc_svcinst.o rsrc_svcuninst.o rsrc_anchorupd.o rsrc_unbound.o \ + rsrc_unbound_checkconf.o + + ALL_SRC=$(COMMON_SRC) $(UNITTEST_SRC) $(DAEMON_SRC) \ ++ $(FUZZME_SRC) \ + $(TESTBOUND_SRC) $(LOCKVERIFY_SRC) $(PKTVIEW_SRC) \ + $(MEMSTATS_SRC) $(CHECKCONF_SRC) $(LIBUNBOUND_SRC) $(HOST_SRC) \ + $(ASYNCLOOK_SRC) $(STREAMTCP_SRC) $(PERF_SRC) $(DELAYER_SRC) \ +@@ -259,6 +264,7 @@ ALL_SRC=$(COMMON_SRC) $(UNITTEST_SRC) $(DAEMON_SRC) \ + $(PYTHONMOD_SRC) $(PYUNBOUND_SRC) $(WIN_DAEMON_THE_SRC)\ + $(SVCINST_SRC) $(SVCUNINST_SRC) $(ANCHORUPD_SRC) $(SLDNS_SRC) + ALL_OBJ=$(COMMON_OBJ) $(UNITTEST_OBJ) $(DAEMON_OBJ) \ ++ $(FUZZME_OBJ) \ + $(TESTBOUND_OBJ) $(LOCKVERIFY_OBJ) $(PKTVIEW_OBJ) \ + $(MEMSTATS_OBJ) $(CHECKCONF_OBJ) $(LIBUNBOUND_OBJ) $(HOST_OBJ) \ + $(ASYNCLOOK_OBJ) $(STREAMTCP_OBJ) $(PERF_OBJ) $(DELAYER_OBJ) \ +@@ -274,7 +280,7 @@ LINK_LIB=$(LIBTOOL) --tag=CC --mode=link $(CC) $(RUNTIME_PATH) $(CPPFLAGS) $(CFL + + all: $(COMMON_OBJ) $(ALLTARGET) + +-alltargets: unbound$(EXEEXT) unbound-checkconf$(EXEEXT) lib unbound-host$(EXEEXT) unbound-control$(EXEEXT) unbound-anchor$(EXEEXT) unbound-control-setup $(WINAPPS) $(PYUNBOUND_TARGET) ++alltargets: unbound$(EXEEXT) unbound-checkconf$(EXEEXT) lib unbound-host$(EXEEXT) unbound-control$(EXEEXT) unbound-anchor$(EXEEXT) unbound-control-setup unbound-fuzzme$(EXEEXT) $(WINAPPS) $(PYUNBOUND_TARGET) + + # compat with BSD make, register suffix, and an implicit rule to actualise it. + .SUFFIXES: .lo +@@ -325,6 +331,9 @@ libunbound.la: $(LIBUNBOUND_OBJ_LINK) + unbound$(EXEEXT): $(DAEMON_OBJ_LINK) libunbound.la + $(LINK) -o $@ $(DAEMON_OBJ_LINK) $(EXTRALINK) $(SSLLIB) $(LIBS) + ++unbound-fuzzme$(EXEEXT): $(FUZZME_OBJ_LINK) libunbound.la ++ $(LINK) -o $@ $(FUZZME_OBJ_LINK) $(EXTRALINK) $(SSLLIB) $(LIBS) ++ + unbound-checkconf$(EXEEXT): $(CHECKCONF_OBJ_LINK) libunbound.la + $(LINK) -o $@ $(CHECKCONF_OBJ_LINK) $(EXTRALINK) $(SSLLIB) $(LIBS) + +@@ -447,7 +456,7 @@ util/configparser.c util/configparser.h: $(srcdir)/util/configparser.y + + clean: + rm -f *.o *.d *.lo *~ tags +- rm -f unbound$(EXEEXT) unbound-checkconf$(EXEEXT) unbound-host$(EXEEXT) unbound-control$(EXEEXT) unbound-anchor$(EXEEXT) unbound-control-setup libunbound.la unbound.h ++ rm -f unbound$(EXEEXT) unbound-checkconf$(EXEEXT) unbound-fuzzme$(EXEEXT) unbound-host$(EXEEXT) unbound-control$(EXEEXT) unbound-anchor$(EXEEXT) unbound-control-setup libunbound.la unbound.h + rm -f $(ALL_SRC:.c=.lint) + rm -f _unbound.la libunbound/python/libunbound_wrap.c libunbound/python/unbound.py pythonmod/interface.h pythonmod/unboundmodule.py + rm -rf autom4te.cache .libs build doc/html doc/xml +@@ -1183,6 +1192,15 @@ stats.lo stats.o: $(srcdir)/daemon/stats.c config.h $(srcdir)/daemon/stats.h $(s + $(srcdir)/util/storage/slabhash.h $(srcdir)/services/cache/infra.h $(srcdir)/util/storage/dnstree.h \ + $(srcdir)/util/rtt.h $(srcdir)/services/authzone.h $(srcdir)/validator/val_kcache.h \ + $(srcdir)/validator/val_neg.h ++unbound-fuzzme.lo unbound-fuzzme.o: $(srcdir)/smallapp/unbound-fuzzme.c \ ++ $(srcdir)/util/locks.h $(srcdir)/util/alloc.h $(srcdir)/services/modstack.h \ ++ $(srcdir)/daemon/remote.h $(srcdir)/util/config_file.h \ ++ $(srcdir)/util/storage/slabhash.h $(srcdir)/util/storage/lruhash.h $(srcdir)/services/listen_dnsport.h \ ++ $(srcdir)/util/netevent.h $(srcdir)/dnscrypt/dnscrypt.h $(srcdir)/services/cache/rrset.h \ ++ $(srcdir)/util/data/packed_rrset.h $(srcdir)/services/cache/infra.h $(srcdir)/util/storage/dnstree.h \ ++ $(srcdir)/util/rbtree.h $(srcdir)/util/rtt.h $(srcdir)/util/data/msgreply.h $(srcdir)/util/fptr_wlist.h \ ++ $(srcdir)/util/module.h $(srcdir)/util/data/msgparse.h $(srcdir)/sldns/pkthdr.h $(srcdir)/sldns/rrdef.h \ ++ $(srcdir)/util/tube.h $(srcdir)/services/mesh.h $(srcdir)/util/net_help.h $(srcdir)/util/ub_event.h + unbound.lo unbound.o: $(srcdir)/daemon/unbound.c config.h $(srcdir)/util/log.h $(srcdir)/daemon/daemon.h \ + $(srcdir)/util/locks.h $(srcdir)/util/alloc.h $(srcdir)/services/modstack.h \ + $(srcdir)/daemon/remote.h \ +diff --git a/smallapp/unbound-fuzzme.c b/smallapp/unbound-fuzzme.c +new file mode 100644 +index 00000000..74ae5204 +--- /dev/null ++++ b/smallapp/unbound-fuzzme.c +@@ -0,0 +1,38 @@ ++/* ++ * unbound-fuzzme.c - parse a packet provided on stdin (for fuzzing). ++ * ++ */ ++#include "config.h" ++#include "util/regional.h" ++#include "util/fptr_wlist.h" ++#include "sldns/sbuffer.h" ++ ++#define SZ 10000 ++ ++int main() { ++ char buffer[SZ]; ++ size_t n_read = fread(buffer, 1, SZ, stdin); ++ if (n_read == SZ) { ++ printf("input too big\n"); ++ return 1; ++ } ++ sldns_buffer *pkt = sldns_buffer_new(n_read); ++ sldns_buffer_init_frm_data(pkt, buffer, n_read); ++ ++ struct regional *region = regional_create(); ++ ++ struct msg_parse* prs; ++ struct edns_data edns; ++ prs = (struct msg_parse*)malloc(sizeof(struct msg_parse)); ++ if(!prs) { ++ printf("out of memory on incoming message\n"); ++ return 1; ++ } ++ memset(prs, 0, sizeof(*prs)); ++ memset(&edns, 0, sizeof(edns)); ++ sldns_buffer_set_position(pkt, 0); ++ if(parse_packet(pkt, prs, region) != LDNS_RCODE_NOERROR) { ++ printf("parse error\n"); ++ return 1; ++ } ++} +-- +2.17.1 + |