OK, so I should have done this in the first place and used git bisect to 
find out which commit in Dnsmasq introduced this behaviour:

 fa78573778cb23337f67f5d0c9de723169919047 is the first bad commit
 commit fa78573778cb23337f67f5d0c9de723169919047
 Author: Simon Kelley <si...@thekelleys.org.uk>
 Date:   Fri Jul 22 20:56:01 2016 +0100

    Zero packet buffers before building output, to reduce risk
    of information leakage.

The whole commit cannot be reverted cleanly now, but in my case reverting 
only the change to src/rfc1035.c did the trick (as it appears to have have 
a problem there, see the GDB dump[0]). I've attached a patch as a 
temporary (!) workaround to this email.

However, commenting out this section is clearly not the correct solution,
maybe somebody can have another look on what this routine was supposed to
do here and try again.

For completeness' sake, I was curious to see what exactly dnseval[1] was
sending to Dnsmasq and why it would crash the dnsmasq process in the 
first place. So, this dnseval thingy is a Python script and in commit 
efeccef[2] ("Fix text alignment") they not only changed the "text anlignment" 
but switched to sending EDNS queries too. Their ENDS routine was later 
modified again and its current version (v1.6.3) doesn't make dnsmasq crash 
- but their v1.4.0 does and that's the version that made it to the Debian 
distribution :-\

Thanks for listening,

[0] https://paste.fedoraproject.org/paste/awbvnGEvj57ru1TtAuA3ag
[1] https://github.com/farrokhi/dnsdiag/blob/master/dnseval.py
[2] https://github.com/farrokhi/dnsdiag/commit/efeccef
BOFH excuse #72:

Satan did it
diff --git a/Makefile b/Makefile
index 73ea23e..be7ec72 100644
--- a/Makefile
+++ b/Makefile
@@ -24,8 +24,8 @@ MANDIR        = $(PREFIX)/share/man
 LOCALEDIR     = $(PREFIX)/share/locale
 BUILDDIR      = $(SRC)
 DESTDIR       = 
-CFLAGS        = -Wall -W -O2
-LDFLAGS       = 
+CFLAGS        = -Wall -W -Og -g -fstack-protector-strong -Wformat 
+LDFLAGS       = -Wl,-z,relro
 COPTS         = 
 LIBS          = 
diff --git a/src/rfc1035.c b/src/rfc1035.c
index 26f5301..fb5e0fb 100644
--- a/src/rfc1035.c
+++ b/src/rfc1035.c
@@ -1225,8 +1225,8 @@ size_t answer_request(struct dns_header *header, char 
*limit, size_t qlen,
   /* Clear buffer beyond request to avoid risk of
      information disclosure. */
-  memset(((char *)header) + qlen, 0, 
-        (limit - ((char *)header)) - qlen);
+//  memset(((char *)header) + qlen, 0, 
+//      (limit - ((char *)header)) - qlen);
   if (ntohs(header->ancount) != 0 ||
       ntohs(header->nscount) != 0 ||
Dnsmasq-discuss mailing list

Reply via email to