From c177936b9452990f9f2e0ece90110329aa5e7369a3f029fd7e7c4803adeeb086 Mon Sep 17 00:00:00 2001 From: Reinhard Max Date: Thu, 18 Nov 2021 14:11:14 +0000 Subject: [PATCH] - bsc#1192529, dnsmasq-resolv-conf.patch: Fix a segfault when re-reading an empty resolv.conf - Remove "nogroup" membership from the dnsmasq user. OBS-URL: https://build.opensuse.org/package/show/network/dnsmasq?expand=0&rev=143 --- dnsmasq-resolv-conf.patch | 31 +++++++++++++++++++++++++++++++ dnsmasq.changes | 7 +++++++ dnsmasq.spec | 3 +++ system-user-dnsmasq.conf | 1 - 4 files changed, 41 insertions(+), 1 deletion(-) create mode 100644 dnsmasq-resolv-conf.patch diff --git a/dnsmasq-resolv-conf.patch b/dnsmasq-resolv-conf.patch new file mode 100644 index 0000000..2bbd667 --- /dev/null +++ b/dnsmasq-resolv-conf.patch @@ -0,0 +1,31 @@ +From d290630d31f4517ab26392d00753d1397f9a4114 Mon Sep 17 00:00:00 2001 +From: Simon Kelley +Date: Wed, 6 Oct 2021 22:31:06 +0100 +Subject: [PATCH] Fix crash after re-reading an empty resolv.conf file. + +If dnsmasq re-reads a resolv file, and it's empty, it will +retry after a delay. In the meantime, the old servers from the +resolv file have been deleted, but the servers_array doesn't +get updated, leading to dangling pointers and crashes. + +Thanks to Brad Jorsch for finding and analysing this bug. + +This problem was introduced in 2.86. +--- + src/dnsmasq.c | 5 +++++ + 1 file changed, 5 insertions(+) + +--- src/dnsmasq.c.orig ++++ src/dnsmasq.c +@@ -1668,6 +1668,11 @@ static void poll_resolv(int force, int d + } + else + { ++ /* If we're delaying things, we don't call check_servers(), but ++ reload_servers() may have deleted some servers, rendering the server_array ++ invalid, so just rebuild that here. Once reload_servers() succeeds, ++ we call check_servers() above, which calls build_server_array itself. */ ++ build_server_array(); + latest->mtime = 0; + if (!warned) + { diff --git a/dnsmasq.changes b/dnsmasq.changes index 79889a1..ea7b510 100644 --- a/dnsmasq.changes +++ b/dnsmasq.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Thu Nov 18 13:59:55 UTC 2021 - Reinhard Max + +- bsc#1192529, dnsmasq-resolv-conf.patch: + Fix a segfault when re-reading an empty resolv.conf +- Remove "nogroup" membership from the dnsmasq user. + ------------------------------------------------------------------- Wed Oct 20 17:08:15 UTC 2021 - Callum Farmer diff --git a/dnsmasq.spec b/dnsmasq.spec index 3dcd3e0..51083ac 100644 --- a/dnsmasq.spec +++ b/dnsmasq.spec @@ -37,6 +37,7 @@ Source5: rc.dnsmasq-suse Source6: system-user-dnsmasq.conf Source8: %{name}-rpmlintrc Patch0: dnsmasq-groups.patch +Patch1: dnsmasq-resolv-conf.patch BuildRequires: dbus-1-devel BuildRequires: dos2unix BuildRequires: libidn2-devel @@ -75,6 +76,7 @@ server's leases. %prep %setup -q %patch0 +%patch1 # Remove the executable bit from python example files to # avoid unwanted automatic dependencies @@ -143,6 +145,7 @@ if ! %{_bindir}/getent passwd dnsmasq >/dev/null; then %{_sbindir}/useradd -r -d %{_localstatedir}/lib/empty -s /bin/false -c "dnsmasq" -g nogroup -G tftp dnsmasq fi %else + %pre -f dnsmasq.pre %endif %service_add_pre %{name}.service diff --git a/system-user-dnsmasq.conf b/system-user-dnsmasq.conf index 181e6f3..2eac272 100644 --- a/system-user-dnsmasq.conf +++ b/system-user-dnsmasq.conf @@ -1,4 +1,3 @@ #Type Name ID GECOS Home directory Shell u dnsmasq - "dnsmasq" /var/lib/empty - -m dnsmasq nogroup - - - m dnsmasq tftp - - -