Commit ed91ec54 authored by Natanael Copa's avatar Natanael Copa

main/openssh: fix segfault with VerifyHostKeyDNS=yes

fix a case in openbsd-compat where there are no DNS answers. Apparently
OpenBSD returns ancount=0 but the answer struct is non NULL, while with
musl the answer is NULL.

fixes #8323
parent bf8d9057
......@@ -4,7 +4,7 @@
pkgname=openssh
pkgver=8.0_p1
_myver=${pkgver%_*}${pkgver#*_}
pkgrel=0
pkgrel=1
pkgdesc="Port of OpenBSD's free SSH release"
url="https://www.openssh.com/portable.html"
arch="all"
......@@ -17,7 +17,8 @@ makedepends="$makedepends_build $makedepends_host"
# Add more packages support here e.g. kerberos
_pkgsupport=""
[ -z "$BOOTSTRAP" ] && _pkgsupport="pam"
subpackages="$pkgname-doc
subpackages="$pkgname-dbg
$pkgname-doc
$pkgname-keygen
$pkgname-client
$pkgname-keysign
......@@ -34,6 +35,7 @@ source="https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$pkgname-$_myver.ta
bsd-compatible-realpath.patch
sftp-interactive.patch
disable-forwarding-by-default.patch
fix-verify-dns-segfault.patch
sshd.initd
sshd.confd
......@@ -211,5 +213,6 @@ f35fffcd26635249ce5d820e7b3e406e586f2d2d7f6a045f221e2f9fb53aebc1ab1dd1e603b33894
f2b8daa537ea3f32754a4485492cc6eb3f40133ed46c0a5a29a89e4bcf8583d82d891d94bf2e5eb1c916fa68ec094abf4e6cd641e9737a6c05053808012b3a73 bsd-compatible-realpath.patch
c1d09c65dbc347f0904edc30f91aa9a24b0baee50309536182455b544f1e3f85a8cecfa959e32be8b101d8282ef06dde3febbbc3f315489339dcf04155c859a9 sftp-interactive.patch
8df35d72224cd255eb0685d2c707b24e5eb24f0fdd67ca6cc0f615bdbd3eeeea2d18674a6af0c6dab74c2d8247e2370d0b755a84c99f766a431bc50c40b557de disable-forwarding-by-default.patch
b0d1fc89bd46ebfc8c7c00fd897732e67a6cda996811c14d99392685bb0b508b52c9dc3188b1a84c0ffa3f72f57189cc615a76b81796dd1b5f552542bd53f84d fix-verify-dns-segfault.patch
8122ac1838586a1487dad1f70ed2ec8161ae57b4a7ee8bfef9757b590aa76a887a6c5e5f2575728da4c6c2f00d2a924360e23d84a4df204d7021b44b690cb2f8 sshd.initd
ec506156c286e5b28a530e9964dd68b7f6c9e881fbc47247a988e52a1f9cd50cbfaf4955c96774f9e2508d8b734c4abf98785fbaa75ae6249e3464b5495f1afc sshd.confd"
Handle case when answer=NULL due to zero answers
diff --git a/openbsd-compat/getrrsetbyname.c b/openbsd-compat/getrrsetbyname.c
index dc6fe05..28622b5 100644
--- a/openbsd-compat/getrrsetbyname.c
+++ b/openbsd-compat/getrrsetbyname.c
@@ -268,7 +268,7 @@ getrrsetbyname(const char *hostname, unsigned int rdclass,
}
rrset->rri_rdclass = response->query->class;
rrset->rri_rdtype = response->query->type;
- rrset->rri_ttl = response->answer->ttl;
+ rrset->rri_ttl = response->answer ? response->answer->ttl : 0;
rrset->rri_nrdatas = response->header.ancount;
#ifdef HAVE_HEADER_AD
@@ -276,6 +276,17 @@ getrrsetbyname(const char *hostname, unsigned int rdclass,
if (response->header.ad == 1)
rrset->rri_flags |= RRSET_VALIDATED;
#endif
+ /* allocate memory for signatures */
+ if (rrset->rri_nsigs > 0) {
+ rrset->rri_sigs = calloc(rrset->rri_nsigs, sizeof(struct rdatainfo));
+ if (rrset->rri_sigs == NULL) {
+ result = ERRSET_NOMEMORY;
+ goto fail;
+ }
+ }
+
+ if (response->answer == NULL || response->header.ancount == 0)
+ goto done;
/* copy name from answer section */
rrset->rri_name = strdup(response->answer->name);
@@ -298,15 +309,6 @@ getrrsetbyname(const char *hostname, unsigned int rdclass,
goto fail;
}
- /* allocate memory for signatures */
- if (rrset->rri_nsigs > 0) {
- rrset->rri_sigs = calloc(rrset->rri_nsigs, sizeof(struct rdatainfo));
- if (rrset->rri_sigs == NULL) {
- result = ERRSET_NOMEMORY;
- goto fail;
- }
- }
-
/* copy answers & signatures */
for (rr = response->answer, index_ans = 0, index_sig = 0;
rr; rr = rr->next) {
@@ -334,6 +336,7 @@ getrrsetbyname(const char *hostname, unsigned int rdclass,
}
free_dns_response(response);
+done:
*res = rrset;
return (ERRSET_SUCCESS);
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment