Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

auth 4.8.x: Backport "Damage control in Lua createForward() and createForward6()." #15229

Open
wants to merge 2 commits into
base: rel/auth-4.8.x
Choose a base branch
from
Open

auth 4.8.x: Backport "Damage control in Lua createForward() and createForward6()." #15229

wants to merge 2 commits into from

Conversation

miodvallat
Copy link
Contributor

Short description

Backport of #15222

Checklist

I have:

  • read the CONTRIBUTING.md document
  • compiled this code
  • tested this code
  • included documentation (including possible behaviour changes)
  • documented the code
  • added or modified regression test(s)
  • added or modified unit test(s)
  • checked that this code was merged to master

@miodvallat
Copy link
Contributor Author

Adding the check-spelling update so that the CI has a chance to succeed.

@miodvallat miodvallat force-pushed the backport-15222-to-auth-4.8.x branch 2 times, most recently from 3ffd352 to a5127b1 Compare February 27, 2025 18:43
@miodvallat
Damage control in Lua createForward() and createForward6().
045b682 
- make sure all computed results are passed to a ComboAddress
  constructor, which will reject ill-formed data. This wasn't the case
  in createForward, when interpreting part of the requested name as an
  ipv4 address encoded in hexadecimal (e.g. 7f000001), but the actual
  name wasn't.
  This would otherwise end up with a SERVFAIL answer and a Lua stack
  traceback containing messages such as:
    Unable to convert presentation address '4294967292.xx.yy.zz'
  for a name ending with "-4" and six hex digits.

- wrap these functions into a try/catch block in order to cope with
  possible exceptions raised by ComboAddress.
  This wasn't the case in createForward6 when the requested name
  contains at least 8 dots - this doesn't imply each component is a
  valid ipv6 chunk.

(cherry picked from commit 9780054)
@miodvallat
Update check-spelling/check-spelling from 0.0.21 to 0.0.24
cc83eb3 
(backport from master)
@miodvallat miodvallat force-pushed the backport-15222-to-auth-4.8.x branch from a5127b1 to cc83eb3 Compare February 28, 2025 06:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
auth
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@miodvallat