From owner-freebsd-ports Mon Jul 29 10:30:12 2002 Delivered-To: freebsd-ports@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 41DDA37B400 for ; Mon, 29 Jul 2002 10:30:03 -0700 (PDT) Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0C69D43E3B for ; Mon, 29 Jul 2002 10:30:02 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.4/8.12.4) with ESMTP id g6THU1JU011449 for ; Mon, 29 Jul 2002 10:30:01 -0700 (PDT) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.4/8.12.4/Submit) id g6THU1pY011448; Mon, 29 Jul 2002 10:30:01 -0700 (PDT) Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2A3F137B420 for ; Mon, 29 Jul 2002 10:24:33 -0700 (PDT) Received: from tapil.com (dsl092-068-186.bos1.dsl.speakeasy.net [66.92.68.186]) by mx1.FreeBSD.org (Postfix) with ESMTP id 021BC43E4A for ; Mon, 29 Jul 2002 10:24:32 -0700 (PDT) (envelope-from madler@grumpy.tapil.com) Received: from grumpy.tapil.com (localhost.tapil.com [127.0.0.1]) by tapil.com (8.12.3/8.12.3) with ESMTP id g6THOVnp009143 for ; Mon, 29 Jul 2002 13:24:31 -0400 (EDT) (envelope-from madler@grumpy.tapil.com) Received: (from root@localhost) by grumpy.tapil.com (8.12.3/8.12.3/Submit) id g6THOPoL009142; Mon, 29 Jul 2002 13:24:25 -0400 (EDT) Message-Id: <200207291724.g6THOPoL009142@grumpy.tapil.com> Date: Mon, 29 Jul 2002 13:24:25 -0400 (EDT) From: "Michael C. Adler" Reply-To: "Michael C. Adler" To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Subject: ports/41128: recv_addr init wrong and 512 byte udp packets dropped Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >Number: 41128 >Category: ports >Synopsis: recv_addr init wrong and 512 byte udp packets dropped >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Mon Jul 29 10:30:01 PDT 2002 >Closed-Date: >Last-Modified: >Originator: Michael C. Adler >Release: FreeBSD 4.6-RELEASE i386 >Organization: >Environment: System: FreeBSD grumpy.tapil.com 4.6-RELEASE FreeBSD 4.6-RELEASE #2: Tue Jul 16 08:18:31 EDT 2002 madler@grumpy.tapil.com:/usr/obj/usr/src/sys/GRUMPY i386 >Description: There are a few bugs in dnrd that should probably be fixed by the author but could be made to work on bsd: 1. Initialization in common.h of recv_addr is broken, causing at least the '-a' switch not to work. Instead of assuming positions of fields in the struct across platforms I thought it safer to do a standard initialization in main(). 2. The buffer overflow code in udp.c:dnsrecv() is off by one, rejecting messages where the size exactly fills the available buffer. I also changed to the calls to dnsrecv to pass 512 as the max size instead of the buffers that seem to be padded by 4 bytes for a reason I don't understand. This causes a calling named to resend packets. Eventually one seems to get through but response times can be painfully slow. >How-To-Repeat: >Fix: *** main.c.~1~ Sun Jul 28 23:01:46 2002 --- main.c Sun Jul 28 23:04:15 2002 *************** *** 82,87 **** --- 82,91 ---- /* * Parse the command line. */ + memset(&recv_addr, 0, sizeof(recv_addr)); + recv_addr.sin_family = AF_INET; + recv_addr.sin_port = htons(53); + parse_args(argc, argv); openlog(progname, LOG_PID, LOG_DAEMON); *** udp.c.~1~ Fri Oct 29 22:19:33 1999 --- udp.c Mon Jul 29 12:58:59 2002 *************** *** 74,80 **** /* Read in the message */ addr_len = sizeof(struct sockaddr_in); ! len = recvfrom(isock, msg, sizeof(msg), 0, (struct sockaddr *)&from_addr, &addr_len); if (len < 0) { log_debug("recvfrom error %s", strerror(errno)); --- 74,80 ---- /* Read in the message */ addr_len = sizeof(struct sockaddr_in); ! len = recvfrom(isock, msg, maxsize, 0, (struct sockaddr *)&from_addr, &addr_len); if (len < 0) { log_debug("recvfrom error %s", strerror(errno)); *************** *** 172,178 **** inet_ntoa(dns_srv[k].addr.sin_addr)); return (-1); } ! else if (rc == len) { log_msg(LOG_NOTICE, "packet too large: %s", inet_ntoa(dns_srv[k].addr.sin_addr)); return (0); --- 172,178 ---- inet_ntoa(dns_srv[k].addr.sin_addr)); return (-1); } ! else if (rc > len) { log_msg(LOG_NOTICE, "packet too large: %s", inet_ntoa(dns_srv[k].addr.sin_addr)); return (0); *************** *** 202,208 **** struct sockaddr_in from_addr; unsigned addr_len; ! len = dnsrecv(srvidx, msg, sizeof(msg)); if (opt_debug) { char buf[80]; sprintf_cname(&msg[12], buf, 80); --- 202,208 ---- struct sockaddr_in from_addr; unsigned addr_len; ! len = dnsrecv(srvidx, msg, maxsize); if (opt_debug) { char buf[80]; sprintf_cname(&msg[12], buf, 80); >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message