Hi Simon, This is a regression. When dnsmasq is started without upstreams (yet), but a DNS query comes in that needs forwarding dnsmasq now potentially crashes as the value for "first" variable is undetermined.
A segmentation violation occurs when the index is out of bounds of
serverarray.
(gdb) run -d --log-queries --log-debug -R
Starting program: /var/tmp/git/dnsmasq/src/dnsmasq -d --log-queries --log-
debug -R
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
dnsmasq: started, version 2.91rc5-2-ge427d4b cachesize 150
dnsmasq: compile time options: IPv6 GNU-getopt no-DBus no-UBus no-i18n no-IDN
DHCP DHCPv6 no-Lua TFTP no-conntrack ipset no-nftset auth no-DNSSEC loop-
detect inotify dumpfile
dnsmasq: warning: no upstream servers configured
dnsmasq: read /etc/hosts - 42 names
dnsmasq: *** log_query_mysockaddr: IN
dnsmasq: query[A] freshtomato.org from 127.0.0.1
dnsmasq: *** forward_query: IN
dnsmasq: *** forward_query: new query
dnsmasq: *** forward_query: if (!lookup_domain())
dnsmasq: *** forward_query: before master =
dnsmasq: *** forward_query: first=[-8080]
Program received signal SIGSEGV, Segmentation fault.
0x0000555555578c83 in forward_query (udpfd=udpfd@entry=4,
udpaddr=udpaddr@entry=0x7fffffffe180, dst_addr=dst_addr@entry=0x7fffffffe160,
dst_iface=dst_iface@entry=1, header=header@entry=0x5555555be2f0,
plen=plen@entry=56, replylimit=1232, now=1741871839, forward=0x0,
fwd_flags=160, fast_retry=0) at forward.c:398
398 master = daemon->serverarray[first];
(gdb) bt
#0 0x0000555555578c83 in forward_query (udpfd=udpfd@entry=4,
udpaddr=udpaddr@entry=0x7fffffffe180, dst_addr=dst_addr@entry=0x7fffffffe160,
dst_iface=dst_iface@entry=1, header=header@entry=0x5555555be2f0,
plen=plen@entry=56,
replylimit=1232, now=1741871839, forward=0x0, fwd_flags=160, fast_retry=0)
at forward.c:398
#1 0x0000555555579c27 in receive_query (listen=<optimized out>,
now=now@entry=1741871839) at forward.c:2053
#2 0x000055555557e184 in check_dns_listeners (now=now@entry=1741871839) at
dnsmasq.c:1912
#3 0x000055555555dfc0 in main (argc=<optimized out>, argv=<optimized out>) at
dnsmasq.c:1289
(gdb) quit
Please consider the following patch...
Credits go to pedro0311 <pe...@freshtomato.org>
>From 0d87b0ac8ed525ab1eb43b753145702eba0db197 Mon Sep 17 00:00:00 2001
From: Tijs Van Buggenhout <tijs.van.buggenh...@axsguard.com>
Date: Thu, 13 Mar 2025 14:42:10 +0100
Subject: [PATCH] Partially revert "Always save forwarded query locally."
This partially reverts commit 3b6df06fb8cb3652d2e7afd085fae3f416408013.
---
src/forward.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/forward.c b/src/forward.c
index 8207a7e..939a4dc 100644
--- a/src/forward.c
+++ b/src/forward.c
@@ -353,9 +353,7 @@ static void forward_query(int udpfd, union mysockaddr
*udpaddr,
ede = EDE_NOT_READY;
flags = 0;
}
-
- master = daemon->serverarray[first];
-
+
/* don't forward A or AAAA queries for simple names, except the empty
name */
if (!flags &&
option_bool(OPT_NODOTS_LOCAL) &&
@@ -368,6 +366,8 @@ static void forward_query(int udpfd, union mysockaddr
*udpaddr,
if (flags || ede == EDE_NOT_READY)
goto reply;
+ master = daemon->serverarray[first];
+
if (!(forward = get_new_frec(now, master, 0)))
goto reply;
/* table full - flags == 0, return REFUSED */
--
2.37.4
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
