Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prevent segfault with empty allow-from-file and allow-from options #11496

Merged
merged 1 commit into from
Apr 4, 2022
Merged

Prevent segfault with empty allow-from-file and allow-from options #11496

merged 1 commit into from
Apr 4, 2022

Conversation

swegener
Copy link
Contributor

@swegener swegener commented Apr 2, 2022

Short description

parseACL() returns a nullptr when both options are set empty.

Checklist

I have:

  • read the CONTRIBUTING.md document
  • compiled this code
  • tested this code
  • included documentation (including possible behaviour changes)
  • documented the code
  • added or modified regression test(s)
  • added or modified unit test(s)

@rgacogne
Copy link
Member

rgacogne commented Apr 2, 2022

Thanks! I wonder if it wouldn't be better to return an empty std::shared<NetmaskGroup> from parseACL instead of nullptr when both directives are empty, so basically to replace return nullptr with return result. Let's see what Otto prefers :)

@swegener
Copy link
Contributor Author

swegener commented Apr 2, 2022

I've changed the logic to correctly print the warning message, if the options are set empty. It was just avoiding the segfault before.

@omoerbeek
Copy link
Member

Thanks! I wonder if it wouldn't be better to return an empty std::shared<NetmaskGroup> from parseACL instead of nullptr when both directives are empty, so basically to replace return nullptr with return result. Let's see what Otto prefers :)

I like a single return result at the end of parseACL better indeed.

@kpfleming
Copy link
Contributor

Oops! Sorry about overlooking this when I redid that code :-)

@swegener
Prevent segfault with empty allow-from-file and allow-from options
bc79df6 
Always return a valid NetmaskGroup from parseACL()
@swegener
Copy link
Contributor Author

swegener commented Apr 2, 2022

Updated to return result

@omoerbeek
Copy link
Member

I'm a bit sad none of CodeQL, coverity or scanbuild has seen this bug...

@omoerbeek omoerbeek merged commit 790f188 into PowerDNS:master Apr 4, 2022
@swegener swegener deleted the recursor-segfault-parseACL branch April 4, 2022 11:53
omoerbeek added a commit to omoerbeek/pdns that referenced this pull request Apr 22, 2022
@omoerbeek
rec: Backport of PowerDNS#11496 to rec-4.6.x: Prevent segfault with e…
37cea22 
…mpty allow-from-file and allow-from options
@omoerbeek omoerbeek mentioned this pull request Apr 22, 2022
Merged
8 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@omoerbeek omoerbeek omoerbeek approved these changes

Assignees
No one assigned
Labels
defect rec
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@swegener @rgacogne @omoerbeek @kpfleming