Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ensure a valid range to string() in PacketReader::getUnquotedText() #7813

Merged
merged 1 commit into from May 14, 2019

Conversation

Projects
None yet
3 participants
@rgacogne
Copy link
Member

commented May 13, 2019

Short description

This PR is quite similar to #7272.

In some cases we might have called:

string::string(InputIt first, InputIt last)

with last < first, which is invalid.

libstdc++ handles that gracefully by throwing an out-of-range exception but libc++ tries to allocate a negative value of bytes, which in turns triggers a request for a very large memory allocation, which fails.

This issue was triggered on OSS-fuzz.

Checklist

I have:

  • read the CONTRIBUTING.md document
  • compiled this code
  • tested this code
  • included documentation (including possible behaviour changes)
  • documented the code
  • added or modified regression test(s)
  • added or modified unit test(s)

@rgacogne rgacogne requested a review from omoerbeek May 13, 2019

@Habbie

This comment has been minimized.

Copy link
Member

commented May 14, 2019

Want to rebase so circleci can test it?

Ensure a valid range to string() in PacketReader::getUnquotedText()
In some cases we might have called:

string::string(InputIt first, InputIt last)

with last < first, which is invalid.

libstdc++ handles that gracefully by throwing an out-of-range exception
but libc++ tries to allocate a negative value of bytes, which in turns
triggers a request for a very large memory allocation, which fails.

@rgacogne rgacogne force-pushed the rgacogne:dnsparser-unquoted-overflow branch from 0c57678 to d7bbbcf May 14, 2019

@rgacogne

This comment has been minimized.

Copy link
Member Author

commented May 14, 2019

Want to rebase so circleci can test it?

Done!

@Habbie Habbie merged commit ae6be35 into PowerDNS:master May 14, 2019

18 checks passed

ci/circleci: build-auth Your tests passed on CircleCI!
Details
ci/circleci: build-recursor Your tests passed on CircleCI!
Details
ci/circleci: test-auth-algorithms Your tests passed on CircleCI!
Details
ci/circleci: test-auth-api Your tests passed on CircleCI!
Details
ci/circleci: test-auth-regress-bind Your tests passed on CircleCI!
Details
ci/circleci: test-auth-regress-gmysql Your tests passed on CircleCI!
Details
ci/circleci: test-auth-regress-gpgsql Your tests passed on CircleCI!
Details
ci/circleci: test-auth-regress-gsqlite3 Your tests passed on CircleCI!
Details
ci/circleci: test-auth-regress-ldap Your tests passed on CircleCI!
Details
ci/circleci: test-auth-regress-lmdb Your tests passed on CircleCI!
Details
ci/circleci: test-auth-regress-mydns Your tests passed on CircleCI!
Details
ci/circleci: test-auth-regress-odbc-mssql Your tests passed on CircleCI!
Details
ci/circleci: test-auth-regress-odbc-sqlite3 Your tests passed on CircleCI!
Details
ci/circleci: test-auth-regress-tinydns Your tests passed on CircleCI!
Details
ci/circleci: test-recursor-api Your tests passed on CircleCI!
Details
ci/circleci: test-recursor-bulk Your tests passed on CircleCI!
Details
ci/circleci: test-recursor-regression Your tests passed on CircleCI!
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details

@rgacogne rgacogne deleted the rgacogne:dnsparser-unquoted-overflow branch May 15, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.