Browse code

core: dns cache - safety checks for rdata field

(cherry picked from commit 7ea3b97c8acf8b623563b7a9fbf4ba23ea3e9170)
(cherry picked from commit e2d4ab36df274e92e9e04fc8b1973a49c3489b9b)

Daniel-Constantin Mierla authored on 08/04/2021 09:37:08 • Henning Westerholt committed on 22/10/2021 11:49:21
Showing 1 changed files
... ...
@@ -3929,7 +3929,7 @@ static struct dns_hash_entry *dns_cache_clone_entry(struct dns_hash_entry *e,
3929 3929
 	size = e->total_size;
3930 3930
 	if (rdata_size) {
3931 3931
 		/* we have to extend the entry */
3932
-		rounded_size = ROUND_POINTER(size); /* size may not have been 
3932
+		rounded_size = ROUND_POINTER(size); /* size may not have been
3933 3933
 												rounded previously */
3934 3934
 		switch (e->type) {
3935 3935
 			case T_A:
... ...
@@ -3981,7 +3981,7 @@ static struct dns_hash_entry *dns_cache_clone_entry(struct dns_hash_entry *e,
3981 3981
 	/* fix the pointers inside the rr structures */
3982 3982
 	last_rr = NULL;
3983 3983
 	for (rr=new->rr_lst; rr; rr=rr->next) {
3984
-		rr->rdata = (void*)translate_pointer((char*)new, (char*)e, 
3984
+		rr->rdata = (void*)translate_pointer((char*)new, (char*)e,
3985 3985
 												(char*)rr->rdata);
3986 3986
 		if (rr->next)
3987 3987
 			rr->next = (struct dns_rr*)translate_pointer((char*)new, (char*)e,
... ...
@@ -3991,6 +3991,10 @@ static struct dns_hash_entry *dns_cache_clone_entry(struct dns_hash_entry *e,
3991 3991
 
3992 3992
 		switch(e->type){
3993 3993
 			case T_NAPTR:
3994
+				if(rr->rdata==NULL) {
3995
+					LM_WARN("null rdata filed for type: %u\n", e->type);
3996
+					break;
3997
+				}
3994 3998
 				/* there are pointers inside the NAPTR rdata stucture */
3995 3999
 				((struct naptr_rdata*)rr->rdata)->flags =
3996 4000
 					translate_pointer((char*)new, (char*)e,
... ...
@@ -4009,6 +4013,10 @@ static struct dns_hash_entry *dns_cache_clone_entry(struct dns_hash_entry *e,
4009 4013
 						((struct naptr_rdata*)rr->rdata)->repl);
4010 4014
 				break;
4011 4015
 			case T_TXT:
4016
+				if(rr->rdata==NULL) {
4017
+					LM_WARN("null rdata filed for type: %u\n", e->type);
4018
+					break;
4019
+				}
4012 4020
 				/* there are pointers inside the TXT structure */
4013 4021
 				for (i=0; i<((struct txt_rdata*)rr->rdata)->cstr_no; i++){
4014 4022
 					((struct txt_rdata*)rr->rdata)->txt[i].cstr=
... ...
@@ -4017,6 +4025,10 @@ static struct dns_hash_entry *dns_cache_clone_entry(struct dns_hash_entry *e,
4017 4025
 				}
4018 4026
 				break;
4019 4027
 			case T_EBL:
4028
+				if(rr->rdata==NULL) {
4029
+					LM_WARN("null rdata filed for type: %u\n", e->type);
4030
+					break;
4031
+				}
4020 4032
 				/* there are pointers inside the EBL structure */
4021 4033
 				((struct ebl_rdata*)rr->rdata)->separator =
4022 4034
 					translate_pointer((char*)new, (char*)e,
... ...
@@ -4057,7 +4069,7 @@ static struct dns_hash_entry *dns_cache_clone_entry(struct dns_hash_entry *e,
4057 4069
  * If there is an existing record with the same name and value
4058 4070
  * (ip address in case of A/AAAA record, name in case of SRV record)
4059 4071
  * only the remaining fields are updated.
4060
- * 
4072
+ *
4061 4073
  * Note that permanent records cannot be overwritten unless
4062 4074
  * the new record is also permanent. A permanent record
4063 4075
  * completely replaces a non-permanent one.