From: bert hubert <bert.hubert@netherlabs.nl>
Date: Wed, 9 Dec 2015 06:45:40 +0000 (+0100)
Subject: **BREAKING** dnsdist console communications control break: we now support 32 bit... 
X-Git-Tag: dnsdist-1.0.0-alpha1~97
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=6885d4bf1c24c4f45839864816a1f872c97906d0;p=pdns

**BREAKING** dnsdist console communications control break: we now support 32 bit message lengths. Restart daemon for this to work.
---

diff --git a/pdns/dnsdist-tcp.cc b/pdns/dnsdist-tcp.cc
index e1766e1ee..3b77395aa 100644
--- a/pdns/dnsdist-tcp.cc
+++ b/pdns/dnsdist-tcp.cc
@@ -446,24 +446,26 @@ void* tcpAcceptorThread(void* p)
 }
 
 
-bool getMsgLen(int fd, uint16_t* len)
+bool getMsgLen32(int fd, uint32_t* len)
 try
 {
-  uint16_t raw;
+  uint32_t raw;
   int ret = readn2(fd, &raw, sizeof raw);
   if(ret != sizeof raw)
     return false;
-  *len = ntohs(raw);
+  *len = ntohl(raw);
+  if(*len > 10000000) // arbitrary 10MB limit
+    return false;
   return true;
 }
 catch(...) {
    return false;
 }
 
-bool putMsgLen(int fd, uint16_t len)
+bool putMsgLen32(int fd, uint32_t len)
 try
 {
-  uint16_t raw = htons(len);
+  uint32_t raw = htonl(len);
   int ret = writen2(fd, &raw, sizeof raw);
   return ret==sizeof raw;
 }
diff --git a/pdns/dnsdist.cc b/pdns/dnsdist.cc
index a40d37eb9..0dc0771d4 100644
--- a/pdns/dnsdist.cc
+++ b/pdns/dnsdist.cc
@@ -776,13 +776,13 @@ try
   writen2(fd, (char*)ours.value, sizeof(ours.value));
 
   for(;;) {
-    uint16_t len;
-    if(!getMsgLen(fd, &len))
+    uint32_t len;
+    if(!getMsgLen32(fd, &len))
       break;
-    char msg[len];
-    readn2(fd, msg, len);
+    boost::scoped_array<char> msg(new char[len]);
+    readn2(fd, msg.get(), len);
     
-    string line(msg, len);
+    string line(msg.get(), len);
     line = sodDecryptSym(line, g_key, theirs);
     //    cerr<<"Have decrypted line: "<<line<<endl;
     string response;
@@ -827,8 +827,8 @@ try
       response = "Error: " + string(e.what()) + ": ";
     }
     response = sodEncryptSym(response, g_key, ours);
-    putMsgLen(fd, response.length());
-    writen2(fd, response.c_str(), (uint16_t)response.length());
+    putMsgLen32(fd, response.length());
+    writen2(fd, response.c_str(), response.length());
   }
   infolog("Closed control connection from %s", client.toStringWithPort());
   close(fd);
@@ -877,14 +877,14 @@ static void doClient(ComboAddress server, const std::string& command)
   if(!command.empty()) {
     string response;
     string msg=sodEncryptSym(command, g_key, ours);
-    putMsgLen(fd, msg.length());
+    putMsgLen32(fd, msg.length());
     if(!msg.empty())
       writen2(fd, msg);
-    uint16_t len;
-    getMsgLen(fd, &len);
-    char resp[len];
-    readn2(fd, resp, len);
-    msg.assign(resp, len);
+    uint32_t len;
+    getMsgLen32(fd, &len);
+    boost::scoped_array<char> resp(new char[len]);
+    readn2(fd, resp.get(), len);
+    msg.assign(resp.get(), len);
     msg=sodDecryptSym(msg, g_key, theirs);
     cout<<msg<<endl;
     return; 
@@ -919,19 +919,17 @@ static void doClient(ComboAddress server, const std::string& command)
 
     string response;
     string msg=sodEncryptSym(line, g_key, ours);
-    putMsgLen(fd, msg.length());
+    putMsgLen32(fd, msg.length());
     writen2(fd, msg);
-    uint16_t len;
-    getMsgLen(fd, &len);
-
-    if(len == 0) {
+    uint32_t len;
+    if(!getMsgLen32(fd, &len) || len == 0) {
       cout << "Connection closed by the server." << endl;
       break;
     }
 
-    char resp[len];
-    readn2(fd, resp, len);
-    msg.assign(resp, len);
+    boost::scoped_array<char> resp(new char[len]);
+    readn2(fd, resp.get(), len);
+    msg.assign(resp.get(), len);
     msg=sodDecryptSym(msg, g_key, theirs);
     cout<<msg<<endl;
   }
diff --git a/pdns/dnsdist.hh b/pdns/dnsdist.hh
index c2178abd3..fe2867f6e 100644
--- a/pdns/dnsdist.hh
+++ b/pdns/dnsdist.hh
@@ -422,8 +422,8 @@ std::shared_ptr<DownstreamState> roundrobin(const NumberedServerVector& servers,
 int getEDNSZ(const char* packet, unsigned int len);
 uint16_t getEDNSOptionCode(const char * packet, size_t len);
 void dnsdistWebserverThread(int sock, const ComboAddress& local, const string& password);
-bool getMsgLen(int fd, uint16_t* len);
-bool putMsgLen(int fd, uint16_t len);
+bool getMsgLen32(int fd, uint32_t* len);
+bool putMsgLen32(int fd, uint32_t len);
 void* tcpAcceptorThread(void* p);
 
 void moreLua();