From dc2e6f35570e16e73479bfe5fc6d6c8156d8528c Mon Sep 17 00:00:00 2001
From: "A. Wilcox"
Date: Fri, 9 Aug 2019 04:41:24 +0000
Subject: user/c-ares: fix segfault with .onion TLD
---
user/c-ares/onion-segfault.patch | 36 ++++++++++++++++++++++++++++++++++++
1 file changed, 36 insertions(+)
create mode 100644 user/c-ares/onion-segfault.patch
(limited to 'user/c-ares/onion-segfault.patch')
diff --git a/user/c-ares/onion-segfault.patch b/user/c-ares/onion-segfault.patch
new file mode 100644
index 000000000..7e5a712cd
--- /dev/null
+++ b/user/c-ares/onion-segfault.patch
@@ -0,0 +1,36 @@
+From 43a915a1b741b7c5bad2f622de90f353cdae7694 Mon Sep 17 00:00:00 2001
+From: Khaidi Chu
+Date: Mon, 4 Feb 2019 10:38:07 +0800
+Subject: [PATCH] fix: init bufp before reject .onion to make it can be free
+ correctly (#241)
+
+When querying a .onion domain, it returns directly without setting bufp to NULL. A subsequent free() that occurs can cause a segmentation fault.
+
+Fix By: Khaidi Chu (@XadillaX)
+---
+ ares_create_query.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/ares_create_query.c b/ares_create_query.c
+index 1606b1a1..9efce17c 100644
+--- a/ares_create_query.c
++++ b/ares_create_query.c
+@@ -94,14 +94,14 @@ int ares_create_query(const char *name, int dnsclass, int type,
+ size_t buflen;
+ unsigned char *buf;
+
+- /* Per RFC 7686, reject queries for ".onion" domain names with NXDOMAIN. */
+- if (ares__is_onion_domain(name))
+- return ARES_ENOTFOUND;
+-
+ /* Set our results early, in case we bail out early with an error. */
+ *buflenp = 0;
+ *bufp = NULL;
+
++ /* Per RFC 7686, reject queries for ".onion" domain names with NXDOMAIN. */
++ if (ares__is_onion_domain(name))
++ return ARES_ENOTFOUND;
++
+ /* Allocate a memory area for the maximum size this packet might need. +2
+ * is for the length byte and zero termination if no dots or ecscaping is
+ * used.
-- cgit v1.2.3-60-g2f50
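Review bot: The stores to `*buflenp` and `*bufp` that the inner patch moves above the `.onion` check in `ares_create_query` are what keep a caller's later `free()` safe, but their comment still reads as a convenience rather than a rule, so a future early-exit check could be added above them again. I would tighten it to something like `/* Must stay first: callers may free *bufp after any error return, so no return may precede these stores. */`. The body of `ares_create_query` continues outside the hunk, so whether any other return path can still run before the stores cannot be confirmed from here. Releasing a never-written pointer is undefined behaviour rather than a guaranteed clean crash, so the package's changelog or security metadata should probably record this as a security-relevant fix and not only a segfault fix.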