From 8408d2a6babe97d974b8ba028060229292f82113 Mon Sep 17 00:00:00 2001
From: Kees Monshouwer <mind04@monshouwer.org>
Date: Tue, 22 Dec 2015 19:08:47 +0100
Subject: [PATCH] avoid crashes caused by bad DNSnames in gsql backends

---
 pdns/backends/gsql/gsqlbackend.cc | 68 ++++++++++++++++++++++++-------
 1 file changed, 54 insertions(+), 14 deletions(-)

diff --git a/pdns/backends/gsql/gsqlbackend.cc b/pdns/backends/gsql/gsqlbackend.cc
index 07305b5d9..9d2c02e18 100644
--- a/pdns/backends/gsql/gsqlbackend.cc
+++ b/pdns/backends/gsql/gsqlbackend.cc
@@ -319,7 +319,11 @@ bool GSQLBackend::getDomainInfo(const DNSName &domain, DomainInfo &di)
   ASSERT_ROW_COLUMNS("info-zone-query", d_result[0], 7);
 
   di.id=pdns_stou(d_result[0][0]);
-  di.zone=DNSName(d_result[0][1]);
+  try {
+    di.zone=DNSName(d_result[0][1]);
+  } catch (...) {
+    return false;
+  }
   stringtok(di.masters, d_result[0][2], " ,\t");
   di.last_check=pdns_stou(d_result[0][3]);
   di.notified_serial = pdns_stou(d_result[0][4]);
@@ -364,7 +368,11 @@ void GSQLBackend::getUnfreshSlaveInfos(vector<DomainInfo> *unfreshDomains)
     DomainInfo sd;
     ASSERT_ROW_COLUMNS("info-all-slaves-query", d_result[n], 4);
     sd.id=pdns_stou(d_result[n][0]);
-    sd.zone= DNSName(d_result[n][1]);
+    try {
+      sd.zone= DNSName(d_result[n][1]);
+    } catch (...) {
+      continue;
+    }
     stringtok(sd.masters, d_result[n][2], ", \t");
     sd.last_check=pdns_stou(d_result[n][3]);
     sd.backend=this;
@@ -404,7 +412,11 @@ void GSQLBackend::getUpdatedMasters(vector<DomainInfo> *updatedDomains)
     DomainInfo sd;
     ASSERT_ROW_COLUMNS("info-all-master-query", d_result[n], 6);
     sd.id=pdns_stou(d_result[n][0]);
-    sd.zone= DNSName(d_result[n][1]);
+    try {
+      sd.zone= DNSName(d_result[n][1]);
+    } catch (...) {
+      continue;
+    }
     sd.last_check=pdns_stou(d_result[n][3]);
     sd.notified_serial=pdns_stou(d_result[n][4]);
     sd.backend=this;
@@ -595,7 +607,11 @@ bool GSQLBackend::getBeforeAndAfterNamesAbsolute(uint32_t id, const string& qnam
         d_beforeOrderQuery_stmt->nextRow(row);
         ASSERT_ROW_COLUMNS("get-order-before-query", row, 2);
         before=row[0];
-        unhashed=DNSName(row[1]);
+        try {
+          unhashed=DNSName(row[1]);
+        } catch (...) {
+          continue;
+        }
       }
       d_beforeOrderQuery_stmt->reset();
     }
@@ -617,7 +633,11 @@ bool GSQLBackend::getBeforeAndAfterNamesAbsolute(uint32_t id, const string& qnam
         d_lastOrderQuery_stmt->nextRow(row);
         ASSERT_ROW_COLUMNS("get-order-last-query", row, 2);
         before=row[0];
-        unhashed=DNSName(row[1]);
+        try {
+          unhashed=DNSName(row[1]);
+        } catch (...) {
+          continue;
+        }
       }
       d_lastOrderQuery_stmt->reset();
     }
@@ -718,10 +738,12 @@ bool GSQLBackend::getTSIGKey(const DNSName& name, DNSName* algorithm, string* co
     while(d_getTSIGKeyQuery_stmt->hasNextRow()) {
       d_getTSIGKeyQuery_stmt->nextRow(row);
       ASSERT_ROW_COLUMNS("get-tsig-key-query", row, 2);
-      if(algorithm->empty() || *algorithm==DNSName(row[0])) {
-        *algorithm = DNSName(row[0]);
-        *content = row[1];
-      }
+      try{
+        if(algorithm->empty() || *algorithm==DNSName(row[0])) {
+          *algorithm = DNSName(row[0]);
+          *content = row[1];
+        }
+      } catch (...) {}
     }
 
     d_getTSIGKeyQuery_stmt->reset();
@@ -775,8 +797,12 @@ bool GSQLBackend::getTSIGKeys(std::vector< struct TSIGKey > &keys)
       d_getTSIGKeysQuery_stmt->nextRow(row);
       ASSERT_ROW_COLUMNS("get-tsig-keys-query", row, 3);
       struct TSIGKey key;
-      key.name = DNSName(row[0]);
-      key.algorithm = DNSName(row[1]);
+      try {
+        key.name = DNSName(row[0]);
+        key.algorithm = DNSName(row[1]);
+      } catch (...) {
+        continue;
+      }
       key.key = row[2];
       keys.push_back(key);
     }
@@ -1006,6 +1032,8 @@ bool GSQLBackend::get(DNSResourceRecord &r)
 {
   // L << "GSQLBackend get() was called for "<<qtype.getName() << " record: ";
   SSqlStatement::row_t row;
+
+skiprow:
   if(d_query_stmt->hasNextRow()) {
     try {
       d_query_stmt->nextRow(row);
@@ -1013,7 +1041,11 @@ bool GSQLBackend::get(DNSResourceRecord &r)
     } catch (SSqlException &e) {
       throw PDNSException("GSQLBackend get: "+e.txtReason());
     }
-    extractRecord(row, r);
+    try {
+      extractRecord(row, r);
+    } catch (...) {
+      goto skiprow;
+    }
     return true;
   }
 
@@ -1153,7 +1185,11 @@ void GSQLBackend::getAllDomains(vector<DomainInfo> *domains, bool include_disabl
       ASSERT_ROW_COLUMNS("get-all-domains-query", row, 8);
       DomainInfo di;
       di.id = pdns_stou(row[0]);
-      di.zone = DNSName(row[1]);
+      try {
+        di.zone = DNSName(row[1]);
+      } catch (...) {
+        continue;
+      }
   
       if (!row[4].empty()) {
         stringtok(di.masters, row[4], " ,\t");
@@ -1532,7 +1568,11 @@ bool GSQLBackend::searchRecords(const string &pattern, int maxResults, vector<DN
       DNSResourceRecord r;
       d_SearchRecordsQuery_stmt->nextRow(row);
       ASSERT_ROW_COLUMNS("search-records-query", row, 8);
-      extractRecord(row, r);
+      try {
+        extractRecord(row, r);
+      } catch (...) {
+        continue;
+      }
       result.push_back(r);
     }
 
-- 
2.40.0