mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-09-20 21:31:28 +02:00
Code Issues Projects Releases Wiki Activity

BUG/MEDIUM: resolvers: Test for empty tree when getting a record from DNS answer

Browse Source 
In the previous fix 5d1d93fad ("BUG/MEDIUM: resolvers: Properly handle empty
tree when getting a record from the DNS answer"), I missed the fact the
answer tree can be empty.

So, to avoid crashes, when the answer tree is empty, we immediately exit
from resolv_get_ip_from_response() function with RSLV_UPD_NO_IP_FOUND. In
addition, when a record is removed from the tree, we take care to reset the
next node saved if necessary.

This patch must be backported with the commit above.
This commit is contained in:
Christopher Faulet 2025-09-11 21:21:44 +02:00
parent d738fa4ec0
commit f6dfbbe870
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/resolvers.c
View File

@ -818,6 +818,8 @@ static void resolv_check_response(struct resolv_resolution *res)
resolv_srvrq_cleanup_srv(srv);
}
if (eb32 == res->response.next)
res->response.next = NULL;
eb32_delete(&item->link);
if (item->ar_item) {
pool_free(resolv_answer_item_pool, item->ar_item);
@ -1627,6 +1629,10 @@ int resolv_get_ip_from_response(struct resolv_response *r_res,
if (owner && LIST_INLIST(&owner->ip_rec_item))
return RSLV_UPD_NO;
/* there is no record in the answer tree */
if (eb_is_empty(&r_res->answer_tree))
return RSLV_UPD_NO_IP_FOUND;
family_priority = resolv_opts->family_prio;
allowed_duplicated_ip = resolv_opts->accept_duplicate_ip;
*newip = newip4 = newip6 = NULL;
@ -1992,6 +1998,7 @@ static void resolv_purge_resolution_answer_records(struct resolv_resolution *res
struct eb32_node *eb32, *eb32_back;
struct resolv_answer_item *item;
resolution->response.next = NULL;
for (eb32 = eb32_first(&resolution->response.answer_tree);
eb32 && (eb32_back = eb32_next(eb32), 1);
eb32 = eb32_back) {