On 30/11/2019 20:55, Simon Kelley wrote:
> This makes sense, the code looks like this
> 
> while (crecp = lookup(name))
> {
>      char *cname_target = cache_get_cname_target(crecp);
> 
>     if (some stuff)
>        {
>            other_stuff()
>            strcpy(name, cname_target);
>         }
> }
> 
> Which means that if the if () clause fails, it loops forever, looking up
> the same CNAME over and over again.
> 
> It should be
> 
> while (crecp = lookup(name))
> {
>      char *cname_target = cache_get_cname_target(crecp);
> 
>     if (some stuff)
>        other_stuff()
> 
>     strcpy(name, cname_target);
> }
> 
> So the cname chasing always happens.
> 
> 
> The mystery is why it's taken so long to see this (I've been running
> this code for weeks). The answer is that the (some stuff) clause  can
> fail if the client asks for DNSSEC records to be returned with the
> answer, which, presumably ssh does. so that it can do its own validation.
>       
> 
> I'll commit the fix now.
> 
> 
> Simon.
> 


Fix is

http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=1aef66bb3454e08507856430bf5af1b22baa396d



Simon.



_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Reply via email to