Fix sigabrt on TCP query (https://github.com/PowerDNS/pdns/issues/6712)
This commit is contained in:
parent
266af43a91
commit
fbaf1b1431
@ -4,12 +4,13 @@
|
|||||||
|
|
||||||
Name: dnsdist
|
Name: dnsdist
|
||||||
Version: 1.3.0
|
Version: 1.3.0
|
||||||
Release: 1%{?dist}
|
Release: 2%{?dist}
|
||||||
Summary: Highly DNS-, DoS- and abuse-aware loadbalancer
|
Summary: Highly DNS-, DoS- and abuse-aware loadbalancer
|
||||||
Group: System Environment/Daemons
|
Group: System Environment/Daemons
|
||||||
License: GPLv2
|
License: GPLv2
|
||||||
URL: https://dnsdist.org
|
URL: https://dnsdist.org
|
||||||
Source0: http://downloads.powerdns.com/releases/%{name}-%{version}.tar.bz2
|
Source0: http://downloads.powerdns.com/releases/%{name}-%{version}.tar.bz2
|
||||||
|
Patch0: fix-sigabrt.patch
|
||||||
|
|
||||||
BuildRequires: boost-devel
|
BuildRequires: boost-devel
|
||||||
BuildRequires: gcc-c++
|
BuildRequires: gcc-c++
|
||||||
@ -46,6 +47,7 @@ legitimate users while shunting or blocking abusive traffic.
|
|||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q -n %{name}-%{version}
|
%setup -q -n %{name}-%{version}
|
||||||
|
%patch0 -p2
|
||||||
|
|
||||||
# run as dnsdist user
|
# run as dnsdist user
|
||||||
sed -i '/^ExecStart/ s/dnsdist/dnsdist -u dnsdist -g dnsdist/' dnsdist.service.in
|
sed -i '/^ExecStart/ s/dnsdist/dnsdist -u dnsdist -g dnsdist/' dnsdist.service.in
|
||||||
@ -111,6 +113,9 @@ exit 0
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Jun 06 2018 Ruben Kerkhof <ruben@rubenkerkhof.com> - 1.3.0-2
|
||||||
|
- Fix sigabrt on TCP query (https://github.com/PowerDNS/pdns/issues/6712)
|
||||||
|
|
||||||
* Thu May 31 2018 Ruben Kerkhof <ruben@rubenkerkhof.com> - 1.3.0-1
|
* Thu May 31 2018 Ruben Kerkhof <ruben@rubenkerkhof.com> - 1.3.0-1
|
||||||
- Upstream released new version
|
- Upstream released new version
|
||||||
- Enable DNS over TLS
|
- Enable DNS over TLS
|
||||||
|
36
fix-sigabrt.patch
Normal file
36
fix-sigabrt.patch
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
From 60a518c8c246f43c53694160ebb7ca8b8b5c6346 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Remi Gacogne <remi.gacogne@powerdns.com>
|
||||||
|
Date: Wed, 6 Jun 2018 00:10:13 +0200
|
||||||
|
Subject: [PATCH] dnsdist: Don't access the TCP buffer vector past its size
|
||||||
|
|
||||||
|
The required memory has been reserve()'d, but we are not allowed to
|
||||||
|
access it directly, and it breaks when compiled with the following
|
||||||
|
flag, checking any access to containers as if .at() were used:
|
||||||
|
|
||||||
|
-D_GLIBCXX_ASSERTIONS
|
||||||
|
---
|
||||||
|
pdns/dnsdist-tcp.cc | 4 ++--
|
||||||
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/pdns/dnsdist-tcp.cc b/pdns/dnsdist-tcp.cc
|
||||||
|
index 0eb7ea1396..ab2bda916c 100644
|
||||||
|
--- a/pdns/dnsdist-tcp.cc
|
||||||
|
+++ b/pdns/dnsdist-tcp.cc
|
||||||
|
@@ -315,7 +315,7 @@ void* tcpClientThread(int pipefd)
|
||||||
|
bool ecsAdded = false;
|
||||||
|
/* allocate a bit more memory to be able to spoof the content,
|
||||||
|
or to add ECS without allocating a new buffer */
|
||||||
|
- queryBuffer.reserve(qlen + 512);
|
||||||
|
+ queryBuffer.resize(qlen + 512);
|
||||||
|
|
||||||
|
char* query = &queryBuffer[0];
|
||||||
|
handler.read(query, qlen, g_tcpRecvTimeout, remainingTime);
|
||||||
|
@@ -358,7 +358,7 @@ void* tcpClientThread(int pipefd)
|
||||||
|
uint16_t qtype, qclass;
|
||||||
|
unsigned int consumed = 0;
|
||||||
|
DNSName qname(query, qlen, sizeof(dnsheader), false, &qtype, &qclass, &consumed);
|
||||||
|
- DNSQuestion dq(&qname, qtype, qclass, &dest, &ci.remote, dh, queryBuffer.capacity(), qlen, true, &queryRealTime);
|
||||||
|
+ DNSQuestion dq(&qname, qtype, qclass, &dest, &ci.remote, dh, queryBuffer.size(), qlen, true, &queryRealTime);
|
||||||
|
|
||||||
|
if (!processQuery(holders, dq, poolname, &delayMsec, now)) {
|
||||||
|
goto drop;
|
Loading…
Reference in New Issue
Block a user