svn commit: trunk/busybox: libbb networking

Thu May 22 17:41:01 UTC 2008

Author: vda
Date: 2008-05-22 10:41:01 -0700 (Thu, 22 May 2008)
New Revision: 22051

Log:
dnsd: fixes various segfaults.
One was a lib api change that was not updated and another
is a stack buffer overflow.
It also adds support for '*' in dnsd.conf. It resolves all hostnames to
a specific ip address. This is useful if you for example want redirect
all http traffic to your first-boot-web-wizard on you router/firewall.

By Timo Teras



Modified:
   trunk/busybox/libbb/udp_io.c
   trunk/busybox/networking/dnsd.c


Changeset:
Modified: trunk/busybox/libbb/udp_io.c
===================================================================

--- trunk/busybox/libbb/udp_io.c	2008-05-22 17:37:38 UTC (rev 22050)
+++ trunk/busybox/libbb/udp_io.c	2008-05-22 17:41:01 UTC (rev 22051)
@@ -36,11 +36,12 @@
 #else
 	struct iovec iov[1];
 	struct msghdr msg;
-	char cbuf[sizeof(struct in_pktinfo)
+	union {
+		char cmsg[CMSG_SPACE(sizeof(struct in_pktinfo))];
 #if ENABLE_FEATURE_IPV6 && defined(IPV6_PKTINFO)
-		| sizeof(struct in6_pktinfo) /* (a|b) is poor man's max(a,b) */
+		char cmsg6[CMSG_SPACE(sizeof(struct in6_pktinfo))];
 #endif
-	];
+	} u;
 	struct cmsghdr* cmsgptr;
 
 	if (from->sa_family != AF_INET
@@ -57,15 +58,15 @@
 	iov[0].iov_base = buf;
 	iov[0].iov_len = len;
 
-	memset(cbuf, 0, sizeof(cbuf));
+	memset(&u, 0, sizeof(u));
 
 	memset(&msg, 0, sizeof(msg));
 	msg.msg_name = (void *)(struct sockaddr *)to; /* or compiler will annoy us */
 	msg.msg_namelen = tolen;
 	msg.msg_iov = iov;
 	msg.msg_iovlen = 1;
-	msg.msg_control = cbuf;
-	msg.msg_controllen = sizeof(cbuf);
+	msg.msg_control = &u;
+	msg.msg_controllen = sizeof(u);
 	msg.msg_flags = flags;
 
 	cmsgptr = CMSG_FIRSTHDR(&msg);
@@ -89,6 +90,8 @@
 		pktptr->ipi6_addr = ((struct sockaddr_in6*)from)->sin6_addr;
 	}
 #endif
+	msg.msg_controllen = cmsgptr->cmsg_len;
+
 	return sendmsg(fd, &msg, flags);
 #endif
 }
@@ -109,7 +112,9 @@
 	struct iovec iov[1];
 	union {
 		char cmsg[CMSG_SPACE(sizeof(struct in_pktinfo))];
+#if ENABLE_FEATURE_IPV6 && defined(IPV6_PKTINFO)
 		char cmsg6[CMSG_SPACE(sizeof(struct in6_pktinfo))];
+#endif
 	} u;
 	struct cmsghdr *cmsgptr;
 	struct msghdr msg;

Modified: trunk/busybox/networking/dnsd.c
===================================================================
--- trunk/busybox/networking/dnsd.c	2008-05-22 17:37:38 UTC (rev 22050)
+++ trunk/busybox/networking/dnsd.c	2008-05-22 17:41:01 UTC (rev 22051)
@@ -194,7 +194,8 @@
 			for (i = 1; i <= (int)(d->name[0]); i++)
 				if (tolower(qs[i]) != d->name[i])
 					break;
-			if (i > (int)(d->name[0])) {
+			if (i > (int)(d->name[0]) ||
+			    (d->name[0] == 1 && d->name[1] == '*')) {
 				strcpy((char *)as, d->ip);
 #if DEBUG
 				fprintf(stderr, " OK as:%s\n", as);
@@ -202,7 +203,8 @@
 				return 0;
 			}
 		} else if (type == REQ_PTR) { /* search by IP-address */
-			if (!strncmp((char*)&d->rip[1], (char*)&qs[1], strlen(d->rip)-1)) {
+			if ((d->name[0] != 1 || d->name[1] != '*') &&
+			    !strncmp((char*)&d->rip[1], (char*)&qs[1], strlen(d->rip)-1)) {
 				strcpy((char *)as, d->name);
 				return 0;
 			}
@@ -401,7 +403,7 @@
 		r = process_packet(buf);
 		if (r <= 0)
 			continue;
-		send_to_from(udps, buf, r, 0, &to->u.sa, &from->u.sa, lsa->len);
+		send_to_from(udps, buf, r, 0, &from->u.sa, &to->u.sa, lsa->len);
 	}
 	return 0;
 }


