From f761b290f135957f47e1c9af71b4a81c76c32b48 Mon Sep 17 00:00:00 2001 From: Sebastian Huber Date: Wed, 19 Sep 2018 08:52:21 +0200 Subject: mDNSResponder: Update to v625.41.2 The sources can be obtained via: https://opensource.apple.com/tarballs/mDNSResponder/mDNSResponder-625.41.2.tar.gz Update #3522. --- mDNSResponder/mDNSPosix/._ReadMe.txt | Bin 0 -> 171 bytes mDNSResponder/mDNSPosix/Identify.c | 6 ++++-- mDNSResponder/mDNSPosix/Makefile | 3 ++- mDNSResponder/mDNSPosix/ReadMe.txt | 14 ++++++++++++++ mDNSResponder/mDNSPosix/mDNSPosix.c | 36 +++++++++++++++++++++-------------- mDNSResponder/mDNSPosix/mDNSUNP.c | 21 +++++++++----------- mDNSResponder/mDNSPosix/mdnsd.sh | 2 +- mDNSResponder/mDNSPosix/nss_mdns.c | 4 ---- 8 files changed, 52 insertions(+), 34 deletions(-) create mode 100755 mDNSResponder/mDNSPosix/._ReadMe.txt (limited to 'mDNSResponder/mDNSPosix') diff --git a/mDNSResponder/mDNSPosix/._ReadMe.txt b/mDNSResponder/mDNSPosix/._ReadMe.txt new file mode 100755 index 00000000..cd621b2a Binary files /dev/null and b/mDNSResponder/mDNSPosix/._ReadMe.txt differ diff --git a/mDNSResponder/mDNSPosix/Identify.c b/mDNSResponder/mDNSPosix/Identify.c index 003ac631..6a5d362b 100644 --- a/mDNSResponder/mDNSPosix/Identify.c +++ b/mDNSResponder/mDNSPosix/Identify.c @@ -330,8 +330,10 @@ mDNSexport int main(int argc, char **argv) if (StopNow == 2) break; } #endif - else { - if (strlen(arg) >= sizeof(hostname)) { + else + { + if (strlen(arg) >= sizeof(hostname)) + { fprintf(stderr, "hostname must be < %d characters\n", (int)sizeof(hostname)); goto usage; } diff --git a/mDNSResponder/mDNSPosix/Makefile b/mDNSResponder/mDNSPosix/Makefile index 817a3775..de8bd00c 100755 --- a/mDNSResponder/mDNSPosix/Makefile +++ b/mDNSResponder/mDNSPosix/Makefile 
@@ -153,6 +153,7 @@ LINKOPTS = -lSystem LDSUFFIX = dylib JDK = /System/Library/Frameworks/JavaVM.framework/Home JAVACFLAGS_OS = -dynamiclib -I/System/Library/Frameworks/JavaVM.framework/Headers -framework JavaVM +OPTIONALTARG = dnsextd else $(error ERROR: Must specify target OS on command-line, e.g. "make os=x [target]".\ @@ -215,7 +216,7 @@ CFLAGS = $(CFLAGS_COMMON) $(CFLAGS_OS) $(CFLAGS_DEBUG) ############################################################################# -all: setup Daemon libdns_sd Clients SAClient SAResponder SAProxyResponder Identify NetMonitor dnsextd $(OPTIONALTARG) +all: setup Daemon libdns_sd Clients SAClient SAResponder SAProxyResponder Identify NetMonitor $(OPTIONALTARG) install: setup InstalledDaemon InstalledStartup InstalledLib InstalledManPages InstalledClients $(OPTINSTALL) diff --git a/mDNSResponder/mDNSPosix/ReadMe.txt b/mDNSResponder/mDNSPosix/ReadMe.txt index c2f56412..a374ddf0 100755 --- a/mDNSResponder/mDNSPosix/ReadMe.txt +++ b/mDNSResponder/mDNSPosix/ReadMe.txt @@ -308,6 +308,20 @@ CVE-ID CVE-2011-0220 : JaeSeung Song of the Department of Computing at Imperial College London +Impact:  A local application may be able to cause a denial of service +Description:  A denial of service issue was addressed through +improved memory handling. +CVE-ID +CVE-2015-7988 : Alexandre Helie + +Impact:  A remote attacker may be able to cause unexpected +application termination or arbitrary code execution +Description:  Multiple memory corruption issues existed in DNS +data parsing. These issues were addressed through improved bounds +checking. +CVE-ID +CVE-2015-7987 : Alexandre Helie + To Do List ---------- • port to a System V that's not Solaris diff --git a/mDNSResponder/mDNSPosix/mDNSPosix.c b/mDNSResponder/mDNSPosix/mDNSPosix.c index 1ff9837d..77b57149 100755 --- a/mDNSResponder/mDNSPosix/mDNSPosix.c +++ b/mDNSResponder/mDNSPosix/mDNSPosix.c 
@@ -1,6 +1,6 @@ /* -*- Mode: C; tab-width: 4 -*- * - * Copyright (c) 2002-2004 Apple Computer, Inc. All rights reserved. + * Copyright (c) 2002-2015 Apple Inc. All rights reserved. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -525,6 +525,7 @@ mDNSexport int ParseDNSServers(mDNS *m, const char *filePath) numOfServers++; } } + fclose(fp); return (numOfServers > 0) ? 0 : -1; } @@ -648,10 +649,22 @@ mDNSlocal int SetupSocket(struct sockaddr *intfAddr, mDNSIPPort port, int interf // ... with a shared UDP port, if it's for multicast receiving if (err == 0 && port.NotAnInteger) { - #if defined(SO_REUSEPORT) - err = setsockopt(*sktPtr, SOL_SOCKET, SO_REUSEPORT, &kOn, sizeof(kOn)); - #elif defined(SO_REUSEADDR) + // + // We test for SO_REUSEADDR first, as suggested by Jonny Törnbom from Axis Communications + // Linux kernel versions 3.9 introduces support for socket option + // SO_REUSEPORT, however this is not implemented the same as on *BSD + // systems. Linux version implements a "port hijacking" prevention + // mechanism, limiting processes wanting to bind to an already existing + // addr:port to have the same effective UID as the first who bound it. What + // this meant for us was that the daemon ran as one user and when for + // instance mDNSClientPosix was executed by another user, it wasn't allowed + // to bind to the socket. Our suggestion was to switch the order in which + // SO_REUSEPORT and SO_REUSEADDR was tested so that SO_REUSEADDR stays on + // top and SO_REUSEPORT to be used only if SO_REUSEADDR doesn't exist. + #if defined(SO_REUSEADDR) && !defined(__MAC_OS_X_VERSION_MIN_REQUIRED) err = setsockopt(*sktPtr, SOL_SOCKET, SO_REUSEADDR, &kOn, sizeof(kOn)); + #elif defined(SO_REUSEPORT) + err = setsockopt(*sktPtr, SOL_SOCKET, SO_REUSEPORT, &kOn, sizeof(kOn)); #else #error This platform has no way to avoid address busy errors on multicast. #endif 
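Review bot: The comment added in SetupSocket gives the compatibility reason for testing SO_REUSEADDR first but does not state what is given up. By the comment's own account, Linux's SO_REUSEPORT only lets processes with the same effective UID share an already-bound addr:port, and choosing SO_REUSEADDR means that restriction no longer applies to this socket. That trade-off belongs next to the `#if`, for example `// NOTE: SO_REUSEADDR drops Linux's same-UID restriction on sharing this port; any local process may bind it too.` The `!defined(__MAC_OS_X_VERSION_MIN_REQUIRED)` guard is also unexplained; one line saying that OS X builds keep SO_REUSEPORT would cover it. SetupSocket starts and ends outside the hunk, so how `err` from `setsockopt` is handled is not visible here.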
@@ -919,6 +932,7 @@ mDNSlocal int SetupOneInterface(mDNS *const m, struct sockaddr *intfAddr, struct if (strcmp(intfName, STRINGIFY(DIRECTLINK_INTERFACE_NAME)) == 0) intf->coreIntf.DirectLink = mDNStrue; #endif + intf->coreIntf.SupportsUnicastMDNSResponse = mDNStrue; // The interface is all ready to go, let's register it with the mDNS core. if (err == 0) @@ -1625,21 +1639,15 @@ mDNSexport mDNSBool mDNSPlatformInterfaceIsD2D(mDNSInterfaceID InterfaceID) return mDNSfalse; } -mDNSexport mDNSBool mDNSPlatformAllowPID(mDNS *const m, DNSQuestion *q) +mDNSexport void mDNSPlatformGetDNSRoutePolicy(mDNS *const m, DNSQuestion *q, mDNSBool *isCellBlocked) { (void) m; - (void) q; - return mDNStrue; -} -mDNSexport mDNSs32 mDNSPlatformGetServiceID(mDNS *const m, DNSQuestion *q) -{ - (void) m; - (void) q; - return -1; + q->ServiceID = -1; + *isCellBlocked = mDNSfalse; } -mDNSexport void mDNSPlatformSetDelegatePID(UDPSocket *src, const mDNSAddr *dst, DNSQuestion *q) +mDNSexport void mDNSPlatformSetuDNSSocktOpt(UDPSocket *src, const mDNSAddr *dst, DNSQuestion *q) { (void) src; (void) dst; diff --git a/mDNSResponder/mDNSPosix/mDNSUNP.c b/mDNSResponder/mDNSPosix/mDNSUNP.c index 5c4d9fe1..3cfeac6e 100755 --- a/mDNSResponder/mDNSPosix/mDNSUNP.c +++ b/mDNSResponder/mDNSPosix/mDNSUNP.c @@ -83,14 +83,12 @@ void plen_to_mask(int plen, char *addr) { struct ifi_info *get_ifi_info_linuxv6(int family, int doaliases) { struct ifi_info *ifi, *ifihead, **ifipnext, *ifipold, **ifiptr; - FILE *fp; + FILE *fp = NULL; char addr[8][5]; int flags, myflags, index, plen, scope; char ifname[9], lastname[IFNAMSIZ]; char addr6[32+7+1]; /* don't forget the seven ':' */ struct addrinfo hints, *res0; - struct sockaddr_in6 *sin6; - struct in6_addr *addrptr; int err; int sockfd = -1; struct ifreq ifr; 
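Review bot: mDNSPlatformGetDNSRoutePolicy now writes through `q` and `isCellBlocked`, whereas the two stubs it replaces cast their arguments to void and touched nothing, and the new body does not say what the stored values mean. A short comment would help, e.g. `// No route policy on POSIX: no service ID (-1, as the removed mDNSPlatformGetServiceID returned) and cellular is never blocked.` If any caller can pass a null `q` or `isCellBlocked`, which is not visible from this hunk, the stub would now fault where the old ones could not.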
@@ -150,18 +148,13 @@ struct ifi_info *get_ifi_info_linuxv6(int family, int doaliases) char ipv6addr[INET6_ADDRSTRLEN]; plen_to_mask(plen, ipv6addr); ifi->ifi_netmask = calloc(1, sizeof(struct sockaddr_in6)); - if (ifi->ifi_addr == NULL) { + if (ifi->ifi_netmask == NULL) { goto gotError; } - sin6=calloc(1, sizeof(struct sockaddr_in6)); - addrptr=calloc(1, sizeof(struct in6_addr)); - inet_pton(family, ipv6addr, addrptr); - sin6->sin6_family=family; - sin6->sin6_addr=*addrptr; - sin6->sin6_scope_id=scope; - memcpy(ifi->ifi_netmask, sin6, sizeof(struct sockaddr_in6)); - free(sin6); + ((struct sockaddr_in6 *)ifi->ifi_netmask)->sin6_family=family; + ((struct sockaddr_in6 *)ifi->ifi_netmask)->sin6_scope_id=scope; + inet_pton(family, ipv6addr, &((struct sockaddr_in6 *)ifi->ifi_netmask)->sin6_addr); /* Add interface name */ memcpy(ifi->ifi_name, ifname, IFI_NAME); @@ -179,6 +172,7 @@ struct ifi_info *get_ifi_info_linuxv6(int family, int doaliases) * EADDRNOTAVAIL for the main interface */ free(ifi->ifi_addr); + free(ifi->ifi_netmask); free(ifi); ifipnext = ifiptr; *ifipnext = ifipold; @@ -207,6 +201,9 @@ done: if (sockfd != -1) { assert(close(sockfd) == 0); } + if (fp != NULL) { + fclose(fp); + } return(ifihead); /* pointer to first structure in linked list */ } #endif // defined(AF_INET6) && HAVE_IPV6 && HAVE_LINUX diff --git a/mDNSResponder/mDNSPosix/mdnsd.sh b/mDNSResponder/mDNSPosix/mdnsd.sh index 14fef9b4..c43d9fcb 100644 --- a/mDNSResponder/mDNSPosix/mdnsd.sh +++ b/mDNSResponder/mDNSPosix/mdnsd.sh @@ -36,7 +36,7 @@ if [ -r /sbin/start-stop-daemon ]; then # Suse Linux doesn't work with symbolic signal names, but we really don't need # to specify "-s TERM" since SIGTERM (15) is the default stop signal anway # STOP="start-stop-daemon --stop -s TERM --quiet --oknodo --exec" - STOP="start-stop-daemon --stop --quiet --oknodo --exec" + STOP="start-stop-daemon --stop --quiet --oknodo --retry 2 --exec" else killmdnsd() { kill -TERM `cat /var/run/mdnsd.pid` 
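Review bot: The return value of `inet_pton` is ignored in the rewritten netmask setup of get_ifi_info_linuxv6, so a failed conversion leaves `sin6_addr` at the all-zero value from `calloc` and the interface is recorded with an empty netmask instead of taking the error path. Checking it keeps the failure visible: `if (inet_pton(family, ipv6addr, &((struct sockaddr_in6 *)ifi->ifi_netmask)->sin6_addr) != 1) goto gotError;`. A local `struct sockaddr_in6 *mask = (struct sockaddr_in6 *)ifi->ifi_netmask;` would also remove the three repeated casts. The function starts and ends outside this hunk, so whether `plen` is range-checked before `plen_to_mask` writes into the fixed-size `ipv6addr` buffer is not visible here and is worth confirming.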
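Review bot: `--retry 2` in the new `STOP` line does more than wait for the daemon to exit. Given a bare timeout, start-stop-daemon uses the schedule signal/timeout/KILL/timeout, so mdnsd is sent SIGKILL if it has not exited within two seconds of SIGTERM. The comment directly above still only discusses the default TERM signal; a line such as `# --retry 2: wait up to 2s after TERM, then escalate to KILL` would record the new behaviour. It is also worth confirming that two seconds is enough for the daemon's normal shutdown.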
diff --git a/mDNSResponder/mDNSPosix/nss_mdns.c b/mDNSResponder/mDNSPosix/nss_mdns.c index afadb3c6..ade4d4d2 100755 --- a/mDNSResponder/mDNSPosix/nss_mdns.c +++ b/mDNSResponder/mDNSPosix/nss_mdns.c @@ -1088,7 +1088,6 @@ mdns_lookup_callback ns_type_t expected_rr_type = af_to_rr (result->hostent->h_addrtype); - // Idiot check class if (rrclass != C_IN) { syslog (LOG_WARNING, @@ -1270,7 +1269,6 @@ add_address_to_buffer (result_map_t * result, const void * data, int len) return NULL; } - // Idiot check if (len != result->hostent->h_length) { syslog (LOG_WARNING, @@ -1311,7 +1309,6 @@ contains_address (result_map_t * result, const void * data, int len) { int i; - // Idiot check if (len != result->hostent->h_length) { syslog (LOG_WARNING, @@ -2473,7 +2470,6 @@ cmp_dns_suffix (const char * name, const char * domain) const char * nametail; const char * domaintail; - // Idiot checks if (*name == 0 || *name == k_dns_separator) { // Name can't be empty or start with separator -- cgit v1.2.3