Bug 226575 - drill -x 192..168.5.25 (two dots in the row) breaks
Summary: drill -x 192..168.5.25 (two dots in the row) breaks
Status: In Progress
Alias: None
Product: Base System
Classification: Unclassified
Component: bin (show other bugs)
Version: 11.1-RELEASE
Hardware: Any Any
: --- Affects Only Me
Assignee: Oleksandr Tymoshenko
URL:
Keywords: patch
Depends on:
Blocks:
 
Reported: 2018-03-13 16:03 UTC by Goran Mekić
Modified: 2020-06-22 23:15 UTC (History)
2 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Goran Mekić 2018-03-13 16:03:19 UTC
drill -x 192..168.5.25
Assertion failed: (rd != NULL), function ldns_rdf_get_type, file /usr/src/contrib/ldns/rdata.c, line 33.
fish: “drill -x 192..168.5.25” terminated by signal SIGABRT (Abort)

freebsd-version 
11.1-RELEASE-p7
Comment 1 Maxim Konovalov freebsd_committer 2018-03-16 09:46:53 UTC
Hello,

I must admit that now I need to visit a doctor to check my eyes after reading drill.c.

Here is a rather simple and admittedly naive and incomplete band-aid:

Index: drill.c
===================================================================
--- drill.c     (revision 325887)
+++ drill.c     (working copy)
@@ -695,6 +695,7 @@ main(int argc, char *argv[])
                        break;
                case DRILL_REVERSE:
                        /* ipv4 or ipv6 addr? */
+printf("name %s\n", name);
                        if (strchr(name, ':')) {
                                if (strchr(name, '.')) {
                                        error("Syntax error: both '.' and ':' seen in address\n");
@@ -747,6 +748,9 @@ main(int argc, char *argv[])
                                free(name2);
                        } else {
                                qname = ldns_dname_new_frm_str(name);
+                               if (!qname) {
+                                       error("%s", "-x implies an ip address");
+                               }
                                qname_tmp = ldns_dname_reverse(qname);
                                ldns_rdf_deep_free(qname);
                                qname = qname_tmp;

%%%

I see a number of other equally suspicious places but unfortunately cannot invest more time into.

Sorry for that.

Maxim
Comment 2 Maxim Konovalov freebsd_committer 2018-03-16 09:49:16 UTC
Oops, please ignore the first chunk in the patch above.
Comment 3 Oleksandr Tymoshenko freebsd_committer freebsd_triage 2019-01-15 22:38:18 UTC
Drill is a contrib code. I forwarded  report to the upstream bugzilla: https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=4221
Comment 4 Goran Mekić 2020-06-22 22:31:14 UTC
This bug is in 12, too. Is there something I can do to help? Send patch, or send for review or something?
Comment 5 Oleksandr Tymoshenko freebsd_committer freebsd_triage 2020-06-22 22:39:00 UTC
(In reply to Goran Mekić from comment #4)

Thanks for reminding. I think I'll just cherry-pick this fix. Now when it's in the upstream, it won't be lost during next vendor import.
Comment 6 commit-hook freebsd_committer 2020-06-22 23:13:38 UTC
A commit references this bug:

Author: gonzo
Date: Mon Jun 22 23:13:15 UTC 2020
New revision: 362516
URL: https://svnweb.freebsd.org/changeset/base/362516

Log:
  Fix crash in drill(1) when IP has two subsequent dots

  Cherry-pick crash fix from the upstream repo

  PR:		226575
  Reported by:	Goran Meki? <meka@tilda.center>
  Obtained from:	https://git.nlnetlabs.nl/ldns/commit/?id=98291475
  MFC after:	2 weeks

Changes:
  head/contrib/ldns/drill/drill.c
Comment 7 Goran Mekić 2020-06-22 23:15:53 UTC
Thank you very much!