diff options
| author |  Miek Gieben <miek@miek.nl>
| 2021-05-19 19:38:37 +0200 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2021-05-19 10:38:37 -0700 |
| commit | 5d80a6e21e415262a4753760032f4d8fdc8d1216 (patch) | |
| tree | efbeefb9c27b599727cfee3244e07c204f2c392d /test | |
| parent | df736adbc8971aef0053487258d1e5b241d945ec (diff) | |
| download | coredns-5d80a6e21e415262a4753760032f4d8fdc8d1216.tar.gz coredns-5d80a6e21e415262a4753760032f4d8fdc8d1216.tar.zst coredns-5d80a6e21e415262a4753760032f4d8fdc8d1216.zip | |
Fix obsure crash in Corefile parsing (#4637)
This was found by fuzzing.
We need to make this a fully qualified domain name to catch all errors
in dnsserver/register.go and not later when plugin.Normalize() is called again on these
strings, with the prime difference being that the domain name is fully
qualified. This was found by fuzzing where "ȶ" is deemed OK, but "ȶ." is
not (might be a bug in miekg/dns actually). But here we were checking ȶ,
which is OK, and later we barf in ȶ. leading to "index out of range".
Added a tests and check manually if it would crash with the current code
(yes), and fail with an error in this PR (yes).
Signed-off-by: Miek Gieben <miek@miek.nl>
Diffstat (limited to 'test')
| -rw-r--r-- | test/corefile_test.go | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/test/corefile_test.go b/test/corefile_test.go new file mode 100644 index 000000000..1f08ab2f1 --- /dev/null +++ b/test/corefile_test.go @@ -0,0 +1,17 @@ +package test + +import ( + "testing" +) + +func TestCorefile1(t *testing.T) { + corefile := `ȶ +acl +` + // this crashed, now it should return an error. + i, _, _, err := CoreDNSServerAndPorts(corefile) + if err == nil { + defer i.Stop() + t.Fatalf("Expected an error got none") + } +} |