Skip to content

Commit

Permalink
dns_conf: check if the IP of bind is valid
Browse files Browse the repository at this point in the history
  • Loading branch information
@pymumu
pymumu committed Mar 12, 2024
1 parent 40dc9ec commit fc279fb
Show file tree
Hide file tree
Showing 2 changed files with 28 additions and 3 deletions.
23 changes: 23 additions & 0 deletions src/dns_conf.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2994,6 +2994,24 @@ static int _config_bind_ip_parser_ipset(struct dns_bind_ip *bind_ip, unsigned in
return -1;
}

static int _bind_is_ip_valid(const char *ip)
{
struct sockaddr_storage addr;
socklen_t addr_len = sizeof(addr);
char ip_check[MAX_IP_LEN];
int port_check = 0;

if (parse_ip(ip, ip_check, &port_check) != 0) {
return -1;
}

if (getaddr_by_host(ip_check, (struct sockaddr *)&addr, &addr_len) != 0) {
return -1;
}

return 0;
}

static int _config_bind_ip(int argc, char *argv[], DNS_BIND_TYPE type)
{
int index = dns_conf_bind_ip_num;
Expand Down Expand Up @@ -3040,6 +3058,11 @@ static int _config_bind_ip(int argc, char *argv[], DNS_BIND_TYPE type)
return 0;
}

if (_bind_is_ip_valid(ip) != 0) {
tlog(TLOG_ERROR, "bind ip address invalid: %s", ip);
return -1;
}

for (i = 0; i < dns_conf_bind_ip_num; i++) {
bind_ip = &dns_conf_bind_ip[i];
if (bind_ip->type != type) {
Expand Down
8 changes: 5 additions & 3 deletions src/dns_server.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8705,7 +8705,7 @@ static int _dns_create_socket(const char *host_ip, int type)
snprintf(port_str, sizeof(port_str), "%d", port);
gai = _dns_server_getaddr(host, port_str, type, 0);
if (gai == NULL) {
tlog(TLOG_ERROR, "get address failed.\n");
tlog(TLOG_ERROR, "get address failed.");
goto errout;
}

Expand Down Expand Up @@ -8771,6 +8771,8 @@ static int _dns_create_socket(const char *host_ip, int type)
if (gai) {
freeaddrinfo(gai);
}

tlog(TLOG_ERROR, "add server failed, host-ip: %s, type: %d", host_ip, type);
return -1;
}

Expand Down Expand Up @@ -9262,6 +9264,8 @@ int dns_server_init(void)
INIT_LIST_HEAD(&server.conn_list);
time(&server.cache_save_time);
atomic_set(&server.request_num, 0);
pthread_mutex_init(&server.request_list_lock, NULL);
INIT_LIST_HEAD(&server.request_list);

epollfd = epoll_create1(EPOLL_CLOEXEC);
if (epollfd < 0) {
Expand All @@ -9275,8 +9279,6 @@ int dns_server_init(void)
goto errout;
}

pthread_mutex_init(&server.request_list_lock, NULL);
INIT_LIST_HEAD(&server.request_list);
server.epoll_fd = epollfd;
atomic_set(&server.run, 1);

Expand Down

0 comments on commit fc279fb

Please sign in to comment.