Fix possible SEGV when no servers defined.

If there exists a --address=/<domain>/ or --server=/<domain>/# configuration but no upstream server config unqualified by domain then when a query which doesnt match the domain is recieved it will use the qualfied server config and in the process possibly make an out-of-bounds memory access. Thanks to Daniel Danzberger for spotting the bug.
2025-12-19 10:18:25 +00:00 · 2023-03-06 23:00:58 +00:00
parent 997982f78b
commit f5ef0f064c
2 changed files with 14 additions and 2 deletions
--- a/11
+++ b/11
@@ -1,3 +1,14 @@
+version 2.90
+	Fix reversion in --rev-server introduced in 2.88 which
+	caused breakage if the prefix length is not exactly divisible
+	by 8 (IPv4) or 4 (IPv6).
+
+	Fix possible SEGV when there server(s) for a particular
+	domain are configured, but no server which is not qualified
+	for a particular domain. Thanks to Daniel Danzberger for
+	spotting this bug.
+	
+
 version 2.89
        Fix bug introduced in 2.88 (commit fe91134b) which can result
 	in corruption of the DNS cache internal data structures and
--- a/src/domain-match.c
+++ b/src/domain-match.c
@@ -253,9 +253,10 @@ int lookup_domain(char *domain, int flags, int *lowout, int *highout)
  if (highout)
    *highout = nhigh;

-  if (nlow == nhigh)
+  /* qlen == -1 when we failed to match even an empty query, if there are no default servers. */
+  if (nlow == nhigh || qlen == -1)
    return 0;
-
+  
  return 1;
 }