Skip to content
Permalink
Browse files

Limit dns-servers to 3 entries

Found by: weweilep
Patch by: michaelortmann
Fixes: #901

* Prevent crash condition when dns-servers lists more servers than the resolver library's MAXNS (usually defined to 3)
* Update dns-server buffer size to accommodate max full-length IPv6 addresses
  • Loading branch information
michaelortmann authored and vanosg committed Dec 11, 2019
1 parent bb69267 commit 7934bbdf7b9c4b1f1ce09a0c1e0c4d1dc329d22c
Showing with 18 additions and 8 deletions.
  1. +4 −2 eggdrop-basic.conf
  2. +3 −2 eggdrop.conf
  3. +11 −4 src/mod/dns.mod/dns.c
@@ -312,8 +312,10 @@ set mod-path "modules/"
## In case your bot has trouble finding dns servers or you want to use
## specific ones, you can set them here. The value is a list of dns servers.
## The order doesn't matter. You can also specify a non-standard port.
## The default is to use the system specified dns servers.
#set dns-servers "8.8.8.8 8.8.4.4"
## The default is to use the system specified dns servers. You don't need to
## modify this setting normally. Default kernel implementations limit this list
## to 3 servers.
#set dns-servers "8.8.8.8 1.1.1.1 185.222.222.222"

#### CHANNELS MODULE ####

@@ -641,8 +641,9 @@ loadmodule dns
# specific ones, you can set them here. The value is a list of dns servers.
# The order doesn't matter. You can also specify a non-standard port.
# The default is to use the system specified dns servers. You don't need to
# modify this setting normally.
#set dns-servers "8.8.8.8 8.8.4.4"
# modify this setting normally. Default kernel implementations limit this list
## to 3 servers.
#set dns-servers "8.8.8.8 1.1.1.1 185.222.222.222"

# Specify how long should the DNS module cache replies at maximum. The value
# must be in seconds.
@@ -37,7 +37,7 @@ static int dns_retrydelay = 3;
static int dns_cache = 86400;
static int dns_negcache = 600;

static char dns_servers[121] = "";
static char dns_servers[144] = "";

#include "coredns.c"

@@ -131,15 +131,15 @@ static tcl_ints dnsints[] = {
};

static tcl_strings dnsstrings[] = {
{"dns-servers", dns_servers, 120, 0},
{"dns-servers", dns_servers, 143, 0},
{NULL, NULL, 0, 0}
};

static char *dns_change(ClientData cdata, Tcl_Interp *irp,
EGG_CONST char *name1,
EGG_CONST char *name2, int flags)
{
char buf[121], *p;
char buf[sizeof dns_servers], *p;
unsigned short port;
int i, lc, code;
EGG_CONST char **list, *slist;
@@ -164,6 +164,11 @@ static char *dns_change(ClientData cdata, Tcl_Interp *irp,
/* reinitialize the list */
myres.nscount = 0;
for (i = 0; i < lc; i++) {
if (myres.nscount >= MAXNS) {
putlog(LOG_MISC, "*", "WARNING: %i dns-servers configured but kernel-defined"
"limit is %i, ignoring extra servers\n", lc, MAXNS);
break;
}
if ((p = strchr(list[i], ':'))) {
*p++ = 0;
/* allow non-standard ports */
@@ -176,6 +181,8 @@ static char *dns_change(ClientData cdata, Tcl_Interp *irp,
myres.nsaddr_list[myres.nscount].sin_family = AF_INET;
myres.nscount++;
}
else
putlog(LOG_MISC, "*", "WARNING: Invalid dns-server %s", list[i]);
}
Tcl_Free((char *) list);
}
@@ -291,7 +298,7 @@ char *dns_start(Function *global_funcs)

global = global_funcs;

module_register(MODULE_NAME, dns_table, 1, 1);
module_register(MODULE_NAME, dns_table, 1, 2);
if (!module_depend(MODULE_NAME, "eggdrop", 108, 0)) {
module_undepend(MODULE_NAME);
return "This module requires Eggdrop 1.8.0 or later.";

0 comments on commit 7934bbd

Please sign in to comment.
You can’t perform that action at this time.