diff --git a/src/dns_client.c b/src/dns_client.c
index 5b7a59b..efb6a4b 100644
--- a/src/dns_client.c
+++ b/src/dns_client.c
@@ -1933,7 +1933,7 @@ static int _dns_client_process_tls(struct dns_server_info *server_info, struct e
 }
 if (_dns_client_tls_verify(server_info) != 0) {
- tlog(TLOG_WARN, "peer verify failed.");
+ tlog(TLOG_WARN, "peer %s verify failed.", server_info->ip);
 goto errout;
 }
diff --git a/src/dns_conf.c b/src/dns_conf.c
index e8f0754..4505962 100644
--- a/src/dns_conf.c
+++ b/src/dns_conf.c
@@ -33,7 +33,7 @@ int dns_conf_prefetch = 0;
 /* upstream servers */
 struct dns_servers dns_conf_servers[DNS_MAX_SERVERS];
-char dns_conf_server_name[DNS_MAX_CONF_CNAME_LEN];
+char dns_conf_server_name[DNS_MAX_SERVER_NAME_LEN];
 int dns_conf_server_num;
 /* logging */
@@ -350,6 +350,10 @@ static int _config_domain_rule_add(char *domain, enum domain_rule type, void *ru
 /* Reverse string, for suffix match */
 len = strlen(domain);
+ if (len >= sizeof(domain_key)) {
+ tlog(TLOG_ERROR, "domain name %s too long", domain);
+ goto errout;
+ }
 reverse_string(domain_key, domain, len);
 domain_key[len] = '.';
 len++;
@@ -407,6 +411,10 @@ static int _config_domain_rule_flag_set(char *domain, unsigned int flag)
 int len = 0;
 len = strlen(domain);
+ if (len >= sizeof(domain_key)) {
+ tlog(TLOG_ERROR, "domain %s too long", domain);
+ return -1;
+ }
 reverse_string(domain_key, domain, len);
 domain_key[len] = '.';
 len++;
@@ -530,6 +538,11 @@ static int _config_ipset(void *data, int argc, char *argv[])
 /* Get domain */
 len = end - begin;
+ if (len >= sizeof(domain)) {
+ tlog(TLOG_ERROR, "domain name %s too long", value);
+ goto errout;
+ }
+
 memcpy(domain, begin, len);
 domain[len] = '\0';
@@ -617,6 +630,12 @@ static int _config_address(void *data, int argc, char *argv[])
 /* get domain */
 len = end - begin;
+
+ if (len >= sizeof(domain)) {
+ tlog(TLOG_ERROR, "domain name %s too long", value);
+ goto errout;
+ }
+
 memcpy(domain, begin, len);
 domain[len] = 0;
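Review bot: The new guard `len >= sizeof(domain_key)` in _config_domain_rule_add still admits `len == sizeof(domain_key) - 1`, and the lines right after it write `domain_key[len] = '.'` and then `len++`. The appended dot therefore takes the last byte, and any terminator or later write at the new `len` (outside this hunk, so inferred) would land one past the buffer. Reserving room for the dot and a NUL closes that: `if (len + 2 > sizeof(domain_key)) {`. The same check and the same `'.'`/`len++` sequence appear in the _config_domain_rule_flag_set hunk, which needs the same bound; both function bodies continue outside their hunks.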
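Review bot: In the _config_ipset check `len >= sizeof(domain)`, `len` comes from the pointer difference `end - begin`, so a negative value is rejected only because comparing against `sizeof` converts it to an unsigned type. That assumes `len` is a signed int as in _config_domain_rule_flag_set; its declaration is outside this hunk. Writing the bound explicitly keeps it from depending on implicit conversion and keeps -Wsign-compare quiet: `if (len < 0 || (size_t)len >= sizeof(domain)) {`. The identical check is added in the _config_address and _config_nameserver hunks, so a small static helper that validates and copies the domain would keep the three copies from drifting.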
@@ -775,6 +794,12 @@ static int _config_nameserver(void *data, int argc, char *argv[])
 }
 len = end - begin;
+
+ if (len >= sizeof(domain)) {
+ tlog(TLOG_ERROR, "domain name %s too long", value);
+ goto errout;
+ }
+
 memcpy(domain, begin, len);
 domain[len] = '\0';
@@ -983,7 +1008,7 @@ static int _config_log_level(void *data, int argc, char *argv[])
 }
 static struct config_item _config_item[] = {
- CONF_STRING("server-name", (char *)dns_conf_server_name, DNS_MAX_CONF_CNAME_LEN),
+ CONF_STRING("server-name", (char *)dns_conf_server_name, DNS_MAX_SERVER_NAME_LEN),
 CONF_STRING("bind", dns_conf_server_ip, DNS_MAX_IPLEN),
 CONF_STRING("bind-tcp", dns_conf_server_tcp_ip, DNS_MAX_IPLEN),
 CONF_CUSTOM("server", _config_server_udp, NULL),
diff --git a/src/dns_conf.h b/src/dns_conf.h
index f3f8e78..4da8384 100644
--- a/src/dns_conf.h
+++ b/src/dns_conf.h
@@ -11,6 +11,7 @@
 #include "radix.h"
 #define DNS_MAX_SERVERS 64
+#define DNS_MAX_SERVER_NAME_LEN 128
 #define DNS_MAX_IPSET_NAMELEN 32
 #define DNS_GROUP_NAME_LEN 32
 #define DNS_NAX_GROUP_NUMBER 16
@@ -21,7 +22,7 @@
 #define DEFAULT_DNS_PORT 53
 #define DEFAULT_DNS_TLS_PORT 853
 #define DEFAULT_DNS_HTTPS_PORT 443
-#define DNS_MAX_CONF_CNAME_LEN 128
+#define DNS_MAX_CONF_CNAME_LEN 256
 #define SMARTDNS_CONF_FILE "/etc/smartdns/smartdns.conf"
 #define SMARTDNS_LOG_FILE "/var/log/smartdns.log"
 #define SMARTDNS_AUDIT_FILE "/var/log/smartdns-audit.log"
@@ -156,7 +157,7 @@ extern char dns_conf_audit_file[DNS_MAX_PATH];
 extern size_t dns_conf_audit_size;
 extern int dns_conf_audit_num;
-extern char dns_conf_server_name[DNS_MAX_CONF_CNAME_LEN];
+extern char dns_conf_server_name[DNS_MAX_SERVER_NAME_LEN];
 extern art_tree dns_conf_domain_rule;
 extern struct dns_conf_address_rule dns_conf_address_rule;
diff --git a/src/util.c b/src/util.c
index 7c57590..0c005eb 100644
--- a/src/util.c
+++ b/src/util.c
@@ -207,7 +207,7 @@ int parse_uri(char *value, char *scheme, char *host, int *port, char *path)
 field_len = scheme_end - value;
 if (scheme) {
 memcpy(scheme, value, field_len);
- scheme[field_len + 1] = 0;
+ scheme[field_len] = 0;
 }
 process_ptr += field_len + 3;
 } else {
@@ -226,7 +226,7 @@ int parse_uri(char *value, char *scheme, char *host, int *port, char *path)
 return -1;
 }
 memcpy(host_name, process_ptr, field_len);
- host_name[field_len + 1] = 0;
+ host_name[field_len] = 0;
 if (parse_ip(host_name, host, port) != 0) {
 return -1;
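Review bot: The scheme copy in parse_uri is still unbounded: `memcpy(scheme, value, field_len)` followed by `scheme[field_len] = 0` writes `field_len + 1` bytes into a caller buffer whose size the function never receives. No length check on `field_len` is visible in the first hunk, though the body starts outside it, so one may exist earlier. The terminator fix itself is correct, but the destination can still be overrun when the scheme prefix of a configured URI is longer than the caller's buffer. A bound before the copy would close it, e.g. `if (field_len >= SCHEME_BUF_LEN) return -1;`, where `SCHEME_BUF_LEN` is a placeholder for the size all callers agree on; adding a size parameter alongside `scheme` would work too. The host_name copy in the second hunk is preceded by a `return -1;` branch that looks like such a check.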