Limit $GENERATE range to 65535 steps #1020
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Codecov Report
@@ Coverage Diff @@
## master #1020 +/- ##
==========================================
+ Coverage 54.78% 55.27% +0.49%
==========================================
Files 41 41
Lines 9867 9973 +106
==========================================
+ Hits 5406 5513 +107
+ Misses 3435 3431 -4
- Partials 1026 1029 +3
Continue to review full report at Codecov.
|
tmthrgd
requested changes
Oct 3, 2019
Having these checks means all test in TestCrasherString() are not reached because we bail out earlier - removed that test all together. Fixes #1019 Signed-off-by: Miek Gieben <[email protected]>
|
done. PTAL |
chantra
reviewed
Oct 3, 2019
| @@ -49,14 +49,14 @@ func (zp *ZoneParser) generate(l lex) (RR, bool) { | |||
| if err != nil { | |||
| return zp.setParseError("bad stop in $GENERATE range", l) | |||
| } | |||
| if end < 0 || start < 0 || end < start { | |||
| if end < 0 || start < 0 || end < start || (end-start)/step > 65535 { | |||
There was a problem hiding this comment.
See my comment in #1019 (comment) to align this with BIND behaviour. TL;DR both start and stop must be positive integers between 0 and (2^31)-1
chantra
reviewed
Oct 3, 2019
generate_test.go
Outdated
Comment on lines
215
to
218
| {"$GENERATE 0-300103\"$$GENERATE 2-2", "dns: garbage after $GENERATE range: \"\\\"\" at line: 1:19"}, | ||
| {"$GENERATE 0-5414137360", "dns: garbage after $GENERATE range: \"\\n\" at line: 1:22"}, | ||
| {"$GENERATE 11522-3668518066406258", "dns: garbage after $GENERATE range: \"\\n\" at line: 1:38"}, | ||
| {"$GENERATE 0-200\"(;00000000000000\n$$GENERATE 0-0", "dns: garbage after $GENERATE range: \"\\\"\" at line: 1:16"}, |
There was a problem hiding this comment.
some of those test were generating different errors, like timeout (I believe the second test was a timeout). Let me find the original error they were triggering.
chantra
reviewed
Oct 3, 2019
| err string | ||
| }{ | ||
| {"$GENERATE 0-300103\"$$GENERATE 2-2", "dns: garbage after $GENERATE range: \"\\\"\" at line: 1:19"}, | ||
| {"$GENERATE 0-5414137360", "dns: garbage after $GENERATE range: \"\\n\" at line: 1:22"}, |
There was a problem hiding this comment.
original error: program hanged (timeout 10 seconds)
|
[ Quoting <[email protected]> in "Re: [miekg/dns] Limit $GENERATE ran..." ]
chantra commented on this pull request.
>
-func TestCrasherString(t *testing.T) {
- tests := []struct{
- in string
- err string
-}{
- {"$GENERATE 0-300103\"$$GENERATE 2-2", "dns: garbage after $GENERATE range: \"\\\"\" at line: 1:19"},
- {"$GENERATE 0-5414137360", "dns: garbage after $GENERATE range: \"\\n\" at line: 1:22"},
original error: `program hanged (timeout 10 seconds)`
yes, with only 2^16-1 we don't hit this - I think the bind limits are a bit
crazy
|
chantra
reviewed
Oct 3, 2019
| in string | ||
| err string | ||
| }{ | ||
| {"$GENERATE 0-300103\"$$GENERATE 2-2", "dns: garbage after $GENERATE range: \"\\\"\" at line: 1:19"}, |
There was a problem hiding this comment.
runtime: goroutine stack exceeds 1000000000-byte limit fatal error: stack overflow
| }{ | ||
| {"$GENERATE 0-300103\"$$GENERATE 2-2", "dns: garbage after $GENERATE range: \"\\\"\" at line: 1:19"}, | ||
| {"$GENERATE 0-5414137360", "dns: garbage after $GENERATE range: \"\\n\" at line: 1:22"}, | ||
| {"$GENERATE 11522-3668518066406258", "dns: garbage after $GENERATE range: \"\\n\" at line: 1:38"}, |
There was a problem hiding this comment.
program hanged (timeout 10 seconds)
| {"$GENERATE 0-300103\"$$GENERATE 2-2", "dns: garbage after $GENERATE range: \"\\\"\" at line: 1:19"}, | ||
| {"$GENERATE 0-5414137360", "dns: garbage after $GENERATE range: \"\\n\" at line: 1:22"}, | ||
| {"$GENERATE 11522-3668518066406258", "dns: garbage after $GENERATE range: \"\\n\" at line: 1:38"}, | ||
| {"$GENERATE 0-200\"(;00000000000000\n$$GENERATE 0-0", "dns: garbage after $GENERATE range: \"\\\"\" at line: 1:16"}, |
There was a problem hiding this comment.
panic: runtime error: index out of range [2048] with length 2048
|
@chantra happy to merge this as it now? |
|
sure, I would be tempted to leave test case that catch garbage after the range/step token though :) |
Signed-off-by: Miek Gieben <[email protected]>
Signed-off-by: Miek Gieben <[email protected]>
|
ok, adding that back in |
chantra
added a commit
to chantra/miekg-dns
that referenced
this pull request
Oct 23, 2019
While the range number of GENERATE is now limited, one can pass a line with 2 $GENERATE directive that will exponentially increase the time spent generating RRs. Limit to only one per line. Fixes miekg#1020
chantra
added a commit
to chantra/miekg-dns
that referenced
this pull request
Oct 23, 2019
While the range number of GENERATE is now limited, one can pass a line with 2 $GENERATE directive that will exponentially increase the time spent generating RRs. Limit to only one per line. Fixes miekg#1020
chantra
added a commit
to chantra/miekg-dns
that referenced
this pull request
Oct 23, 2019
While the range number of GENERATE is now limited, one can pass a line with 2 $GENERATE directive that will exponentially increase the time spent generating RRs. Limit to only one per line. Fixes miekg#1020
miekg
pushed a commit
that referenced
this pull request
Oct 23, 2019
While the range number of GENERATE is now limited, one can pass a line with 2 $GENERATE directive that will exponentially increase the time spent generating RRs. Limit to only one per line. Fixes #1020
aanm
pushed a commit
to cilium/dns
that referenced
this pull request
Jul 29, 2022
* Limit $GENERATE range to 65535 steps Having these checks means all test in TestCrasherString() are not reached because we bail out earlier - removed that test all together. Fixes miekg#1019 Signed-off-by: Miek Gieben <[email protected]> * bring back testcase Signed-off-by: Miek Gieben <[email protected]> * bring back crash test Signed-off-by: Miek Gieben <[email protected]>
aanm
pushed a commit
to cilium/dns
that referenced
this pull request
Jul 29, 2022
While the range number of GENERATE is now limited, one can pass a line with 2 $GENERATE directive that will exponentially increase the time spent generating RRs. Limit to only one per line. Fixes miekg#1020
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #1019