Created by VCS imports and last modified
Get this branch:
bzr branch lp:dnsmasq

Branch merges

Related bugs

Related blueprints

Branch information

VCS imports

Import details

Import Status: Failed

This branch is an import of the HEAD branch of the Git repository at git://thekelleys.org.uk/dnsmasq.git.

The import has been suspended because it failed 5 or more times in succession.

Last successful import was .

Import started on pear and finished taking 20 seconds — see the log
Import started on pear and finished taking 15 seconds — see the log
Import started on pear and finished taking 15 seconds — see the log
Import started on pear and finished taking 20 seconds — see the log

Recent revisions

1127. By Simon Kelley

Fix logic on EDNS0 headers.

The logic to determine is an EDNS0 header was added was wrong. It compared
the packet length before and after the operations on the EDNS0 header,
but these can include adding options to an existing EDNS0 header. So
a query may have an existing EDNS0 header, which is extended, and logic
thinks that it had a header added de-novo.

Replace this with a simpler system. Check if the packet has an EDSN0 header,
do the updates/additions, and then check again. If it didn't have one
initially, but it has one laterly, that's the correct condition
to strip the header from a reply, and to assume that the client
cannot handle packets larger than 512 bytes.

1126. By Simon Kelley

Use IP[V6]_UNICAST_IF socket option instead of SO_BINDTODEVICE for DNS.

dnsmasq allows to specify a interface for each name server passed with
the -S option or pushed through D-Bus; when an interface is set,
queries to the server will be forced via that interface.

Currently dnsmasq uses SO_BINDTODEVICE to enforce that traffic goes
through the given interface; SO_BINDTODEVICE also guarantees that any
response coming from other interfaces is ignored.

This can cause problems in some scenarios: consider the case where
eth0 and eth1 are in the same subnet and eth0 has a name server ns0
associated. There is no guarantee that the response to a query sent
via eth0 to ns0 will be received on eth0 because the local router may
have in the ARP table the MAC address of eth1 for the IP of eth0. This
can happen because Linux sends ARP responses for all the IPs of the
machine through all interfaces. The response packet on the wrong
interface will be dropped because of SO_BINDTODEVICE and the
resolution will fail.

To avoid this situation, dnsmasq should only restrict queries, but not
responses, to the given interface. A way to do this on Linux is with
the IP_UNICAST_IF and IPV6_UNICAST_IF socket options which were added
in kernel 3.4 and, respectively, glibc versions 2.16 and 2.26.

Reported-by: Hector Martin <email address hidden>
Signed-off-by: Beniamino Galvani <email address hidden>

1125. By Simon Kelley

Fix search_servers() segfault with DNSSEC.

--address=/example.com/<IP> would segfault if query on example.com
was generated as part of DNSSEC validation.

1124. By Simon Kelley

Spaces in CNAME options break parsing.

cname = wibble,wobble

works, but

cname = wibble, wobble

fails. Bug introduced in 2.77. commit a1d973f987e392870ba42a7e9d4d3cd166879ea0

1123. By Simon Kelley

Merge i18n messages.

1122. By Simon Kelley

Debian changlelog update.

1121. By Simon Kelley

Security fix, CVE-2017-14491, DNS heap buffer overflow.

Further fix to 0549c73b7ea6b22a3c49beb4d432f185a81efcbc
Handles case when RR name is not a pointer to the question,
only occurs for some auth-mode replies, therefore not
detected by fuzzing (?)

1120. By Simon Kelley

Update credits for Google security team.

1119. By Simon Kelley

Misc code cleanups arising from Google analysis.
No security impleications or CVEs.

1118. By Simon Kelley

Security fix, CVE-2017-14495, OOM in DNS response creation.

Fix out-of-memory Dos vulnerability. An attacker which can
send malicious DNS queries to dnsmasq can trigger memory
allocations in the add_pseudoheader function
The allocated memory is never freed which leads to a DoS
through memory exhaustion. dnsmasq is vulnerable only
if one of the following option is specified:
--add-mac, --add-cpe-id or --add-subnet.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
This branch contains Public information 
Everyone can see this information.


No subscribers.