Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

deps: patch to fix *.onion MX query on c-ares #25840

Closed
wants to merge 1 commit into from

Conversation

XadillaX
Copy link
Contributor

c-ares rejects *.onion MX query but forgot to set *bufp to NULL. This
will occur SegmentFault when free *bufp.

I make this quick fix and then will make a PR for c-ares either.

Fixes: #25839
Refs: https://github.com/c-ares/c-ares/blob/955df98/ares_create_query.c#L97-L103
Refs: https://github.com/c-ares/c-ares/blob/955df98/ares_query.c#L124

Checklist
  • make -j4 test (UNIX), or vcbuild test (Windows) passes
  • tests and/or benchmarks are included
  • commit message follows commit guidelines

c-ares rejects *.onion MX query but forgot to set `*bufp` to NULL. This
will occur SegmentFault when free `*bufp`.

I make this quick fix and then will make a PR for c-ares either.

Fixes: nodejs#25839
Refs: https://github.com/c-ares/c-ares/blob/955df98/ares_create_query.c#L97-L103
Refs: https://github.com/c-ares/c-ares/blob/955df98/ares_query.c#L124
@nodejs-github-bot nodejs-github-bot added the cares Issues and PRs related to the c-ares dependency or the cares_wrap binding. label Jan 31, 2019
Copy link
Member

@bnoordhuis bnoordhuis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For reference, it seems I introduced this bug in c-ares/c-ares#228 (and it's rather glaringly obvious in retrospect. Sigh.)

@danbev
Copy link
Contributor

danbev commented Feb 5, 2019

@danbev
Copy link
Contributor

danbev commented Feb 6, 2019

Landed in 4cc9b5f.

@danbev danbev closed this Feb 6, 2019
danbev pushed a commit that referenced this pull request Feb 6, 2019
c-ares rejects *.onion MX query but forgot to set `*bufp` to NULL. This
will occur SegmentFault when free `*bufp`.

I make this quick fix and then will make a PR for c-ares either.

PR-URL: #25840
Fixes: #25839
Refs: https://github.com/c-ares/c-ares/blob/955df98/ares_create_query.c#L97-L103
Refs: https://github.com/c-ares/c-ares/blob/955df98/ares_query.c#L124
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
addaleax pushed a commit that referenced this pull request Feb 6, 2019
c-ares rejects *.onion MX query but forgot to set `*bufp` to NULL. This
will occur SegmentFault when free `*bufp`.

I make this quick fix and then will make a PR for c-ares either.

PR-URL: #25840
Fixes: #25839
Refs: https://github.com/c-ares/c-ares/blob/955df98/ares_create_query.c#L97-L103
Refs: https://github.com/c-ares/c-ares/blob/955df98/ares_query.c#L124
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
@targos targos mentioned this pull request Feb 14, 2019
@bnoordhuis
Copy link
Member

@nodejs/lts It'd be good to back-port this to v10.x. It fixes a potential denial-of-service.

MylesBorins pushed a commit to bnoordhuis/io.js that referenced this pull request May 16, 2019
c-ares rejects *.onion MX query but forgot to set `*bufp` to NULL. This
will occur SegmentFault when free `*bufp`.

I make this quick fix and then will make a PR for c-ares either.

PR-URL: nodejs#25840
Fixes: nodejs#25839
Refs: https://github.com/c-ares/c-ares/blob/955df98/ares_create_query.c#L97-L103
Refs: https://github.com/c-ares/c-ares/blob/955df98/ares_query.c#L124
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
MylesBorins pushed a commit that referenced this pull request May 16, 2019
c-ares rejects *.onion MX query but forgot to set `*bufp` to NULL. This
will occur SegmentFault when free `*bufp`.

I make this quick fix and then will make a PR for c-ares either.

Backport-PR-URL: #27542
PR-URL: #25840
Fixes: #25839
Refs: https://github.com/c-ares/c-ares/blob/955df98/ares_create_query.c#L97-L103
Refs: https://github.com/c-ares/c-ares/blob/955df98/ares_query.c#L124
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
MylesBorins pushed a commit that referenced this pull request May 16, 2019
c-ares rejects *.onion MX query but forgot to set `*bufp` to NULL. This
will occur SegmentFault when free `*bufp`.

I make this quick fix and then will make a PR for c-ares either.

Backport-PR-URL: #27542
PR-URL: #25840
Fixes: #25839
Refs: https://github.com/c-ares/c-ares/blob/955df98/ares_create_query.c#L97-L103
Refs: https://github.com/c-ares/c-ares/blob/955df98/ares_query.c#L124
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
@BethGriggs BethGriggs mentioned this pull request May 16, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
cares Issues and PRs related to the c-ares dependency or the cares_wrap binding.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

When dns module resolve mx, core dumped, and process aborted
9 participants