[PATCH 00/13] nss_dns: Fix handling of non-host CNAMEs (bug 12154)

Florian Weimer fweimer@redhat.com
Wed Aug 10 09:30:13 GMT 2022 

This series is my last attempt at fixing bug 12154.  The bug is that
some sites have names like *.wildcard.example.org in their CNAME chains,
and we fail lookup completely instead of suppressing that invalid host
names.

The changes are more involved than I would have liked, but each time I
think I have a simple fix, I end up rewriting the DNS parsers.

Tested on i686-linux-gnu and x86_64-linux-gnu.

Thanks,
Florian

Florian Weimer (13):
  resolv: Add tst-resolv-byaddr for testing reverse lookup
  resolv: Add tst-resolv-aliases
  resolv: Add internal __res_binary_hnok function
  resolv: Add the __ns_samebinaryname function
  resolv: Add internal __ns_name_length_uncompressed function
  resolv: Add DNS packet parsing helpers geared towards wire format
  nss_dns: Split getanswer_ptr from getanswer_r
  nss_dns: Rewrite _nss_dns_gethostbyaddr2_r and getanswer_ptr
  nss_dns: Remove remnants of IPv6 address mapping
  nss_dns: Rewrite getanswer_r to match getanswer_ptr (bug 12154, bug
    29305)
  nss_dns: In gaih_getanswer_slice, skip strange aliases (bug 12154)
  resolv: Add new tst-resolv-invalid-cname
  nss_dns: Rewrite _nss_dns_gethostbyname4_r using current interfaces

 include/arpa/nameser.h                   |  106 ++
 include/resolv.h                         |    3 +
 resolv/Makefile                          |   23 +
 resolv/README                            |    3 -
 resolv/mapv4v6addr.h                     |   69 --
 resolv/mapv4v6hostent.h                  |   84 --
 resolv/ns_name_length_uncompressed.c     |   72 ++
 resolv/ns_rr_cursor_init.c               |   62 ++
 resolv/ns_rr_cursor_next.c               |   74 ++
 resolv/ns_samebinaryname.c               |   55 +
 resolv/nss_dns/dns-host.c                | 1184 +++++++++-------------
 resolv/res-name-checking.c               |   14 +-
 resolv/tst-ns_name_length_uncompressed.c |  135 +++
 resolv/tst-ns_rr_cursor.c                |  227 +++++
 resolv/tst-ns_samebinaryname.c           |   62 ++
 resolv/tst-resolv-aliases.c              |  267 +++++
 resolv/tst-resolv-byaddr.c               |  339 +++++++
 resolv/tst-resolv-invalid-cname.c        |  406 ++++++++
 18 files changed, 2303 insertions(+), 882 deletions(-)
 delete mode 100644 resolv/mapv4v6addr.h
 delete mode 100644 resolv/mapv4v6hostent.h
 create mode 100644 resolv/ns_name_length_uncompressed.c
 create mode 100644 resolv/ns_rr_cursor_init.c
 create mode 100644 resolv/ns_rr_cursor_next.c
 create mode 100644 resolv/ns_samebinaryname.c
 create mode 100644 resolv/tst-ns_name_length_uncompressed.c
 create mode 100644 resolv/tst-ns_rr_cursor.c
 create mode 100644 resolv/tst-ns_samebinaryname.c
 create mode 100644 resolv/tst-resolv-aliases.c
 create mode 100644 resolv/tst-resolv-byaddr.c
 create mode 100644 resolv/tst-resolv-invalid-cname.c


base-commit: 2ed26bca997a8fc898f4cb94484abaee2f307311
-- 
2.37.1

More information about the Libc-alpha mailing list