fix potential null pointer deref when packets are forged
[project/mdnsd.git] / main.c
diff --git a/main.c b/main.c
index 505fb7d..f559c19 100644 (file)
--- a/main.c
+++ b/main.c
 #include <sys/socket.h>
 #include <netinet/in.h>
 #include <arpa/nameser.h>
-#include <asm/byteorder.h>
 
 #include <libubus.h>
-#include <libubox/usock.h>
 #include <libubox/uloop.h>
-#include <libubox/avl-cmp.h>
 
 #include "dns.h"
 #include "ubus.h"
 #include "announce.h"
 #include "interface.h"
 
-static struct uloop_timeout reconnect;
-char *iface_name = "eth0";
-
-static int
-parse_answer(struct interface *iface, uint8_t *buffer, int len, uint8_t **b, int *rlen, int cache)
-{
-       char *name = dns_consume_name(buffer, len, b, rlen);
-       struct dns_answer *a;
-       uint8_t *rdata;
-
-       if (!name) {
-               fprintf(stderr, "dropping: bad question\n");
-               return -1;
-       }
-
-       a = dns_consume_answer(b, rlen);
-       if (!a) {
-               fprintf(stderr, "dropping: bad question\n");
-               return -1;
-       }
-
-       rdata = *b;
-       if (a->rdlength > *rlen) {
-               fprintf(stderr, "dropping: bad question\n");
-               return -1;
-       }
-
-       *rlen -= a->rdlength;
-       *b += a->rdlength;
-
-       if (cache)
-               cache_answer(iface, buffer, len, name, a, rdata);
-
-       return 0;
-}
-
-static void
-parse_question(struct interface *iface, char *name, struct dns_question *q)
-{
-       char *host;
-
-       DBG(1, "Q -> %s %s\n", dns_type_string(q->type), name);
-
-       switch (q->type) {
-       case TYPE_ANY:
-               host = service_name("local");
-               if (!strcmp(name, host))
-                       service_reply(iface, NULL);
-               break;
-
-       case TYPE_PTR:
-               service_announce_services(iface, name);
-               service_reply(iface, name);
-               break;
-
-       case TYPE_AAAA:
-       case TYPE_A:
-               host = strstr(name, ".local");
-               if (host)
-                       *host = '\0';
-               if (!strcmp(hostname, name))
-                       service_reply_a(iface, q->type);
-               break;
-       };
-}
-
-static void
-read_socket(struct uloop_fd *u, unsigned int events)
-{
-       struct interface *iface = container_of(u, struct interface, fd);
-       static uint8_t buffer[8 * 1024];
-       uint8_t *b = buffer;
-       struct dns_header *h;
-       int len, rlen;
-
-       if (u->eof) {
-               uloop_fd_delete(u);
-               close(u->fd);
-               u->fd = -1;
-               uloop_timeout_set(&reconnect, 1000);
-               return;
-       }
-
-       rlen = len = read(u->fd, buffer, sizeof(buffer));
-       if (len < 1) {
-               fprintf(stderr, "read failed: %s\n", strerror(errno));
-               return;
-       }
-
-       h = dns_consume_header(&b, &rlen);
-       if (!h) {
-               fprintf(stderr, "dropping: bad header\n");
-               return;
-       }
-
-       while (h->questions-- > 0) {
-               char *name = dns_consume_name(buffer, len, &b, &rlen);
-               struct dns_question *q;
-
-               if (!name) {
-                       fprintf(stderr, "dropping: bad name\n");
-                       return;
-               }
-
-               q = dns_consume_question(&b, &rlen);
-               if (!q) {
-                       fprintf(stderr, "dropping: bad question\n");
-                       return;
-               }
-
-               if (!(h->flags & FLAG_RESPONSE))
-                       parse_question(iface, name, q);
-       }
-
-       if (!(h->flags & FLAG_RESPONSE))
-               return;
-
-       while (h->answers-- > 0)
-               parse_answer(iface, buffer, len, &b, &rlen, 1);
-
-       while (h->authority-- > 0)
-               parse_answer(iface, buffer, len, &b, &rlen, 0);
-
-       while (h->additional-- > 0)
-               parse_answer(iface, buffer, len, &b, &rlen, 1);
-}
-
 static void
-reconnect_socket(struct uloop_timeout *timeout)
+signal_shutdown(int signal)
 {
-       cur_iface->fd.fd = usock(USOCK_UDP | USOCK_SERVER | USOCK_NONBLOCK, MCAST_ADDR, "5353");
-       if (cur_iface->fd.fd < 0) {
-               fprintf(stderr, "failed to add listener: %s\n", strerror(errno));
-               uloop_timeout_set(&reconnect, 1000);
-       } else {
-               if (interface_socket_setup(cur_iface)) {
-                       uloop_timeout_set(&reconnect, 1000);
-                       cur_iface->fd.fd = -1;
-                       return;
-               }
-
-               uloop_fd_add(&cur_iface->fd, ULOOP_READ);
-               sleep(5);
-               dns_send_question(cur_iface, "_services._dns-sd._udp.local", TYPE_PTR);
-               announce_init(cur_iface);
-       }
+       uloop_end();
 }
 
 int
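Review bot: The parameter of the new `signal_shutdown` handler is named `signal`, which shadows the libc `signal()` function inside the handler and produces a warning under `-Wshadow`; `signal_shutdown(int signo)` avoids that. The handler also has no comment, and a one-liner such as `/* termination handler: stop uloop so main() can run its cleanup */` would explain why it only calls `uloop_end()`.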
@@ -193,11 +48,10 @@ main(int argc, char **argv)
 {
        int ch, ttl;
 
-       while ((ch = getopt(argc, argv, "h:t:i:d")) != -1) {
+       uloop_init();
+
+       while ((ch = getopt(argc, argv, "t:i:d")) != -1) {
                switch (ch) {
-               case 'h':
-                       hostname = optarg;
-                       break;
                case 't':
                        ttl = atoi(optarg);
                        if (ttl > 0)
@@ -209,41 +63,29 @@ main(int argc, char **argv)
                        debug++;
                        break;
                case 'i':
-                       iface_name = optarg;
+                       interface_add(optarg);
                        break;
+               default:
+                       return -1;
                }
        }
 
-       if (!iface_name)
-               return -1;
-
-       uloop_init();
-
-       if (interface_add(iface_name)) {
-               fprintf(stderr, "Failed to add interface %s\n", iface_name);
-               return -1;
-       }
-
-       if (!cur_iface)
-               return -1;
-
-       signal_setup();
+       signal(SIGPIPE, SIG_IGN);
+       signal(SIGTERM, signal_shutdown);
+       signal(SIGKILL, signal_shutdown);
 
        if (cache_init())
                return -1;
 
        service_init();
 
-       cur_iface->fd.cb = read_socket;
-       reconnect.cb = reconnect_socket;
-
-       uloop_timeout_set(&reconnect, 100);
        ubus_startup();
        uloop_run();
        uloop_done();
 
        cache_cleanup();
        service_cleanup();
+       vlist_flush(&interfaces);
 
        return 0;
 }
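Review bot: `signal(SIGKILL, signal_shutdown)` can never take effect, because SIGKILL cannot be caught; the call fails with EINVAL and its return value is not checked. SIGINT was presumably intended, `signal(SIGINT, signal_shutdown);`, since without it an interrupt still terminates the daemon without reaching `cache_cleanup()`, `service_cleanup()` and `vlist_flush(&interfaces)`. In the `case 'i':` arm the result of `interface_add(optarg)` is now discarded, whereas the removed code printed "Failed to add interface" and exited. If the function still returns non-zero on failure, a mistyped interface name leaves the daemon running with no diagnostic and possibly nothing to listen on, so `if (interface_add(optarg)) fprintf(stderr, "Failed to add interface %s\n", optarg);` would keep the failure visible. main() begins above this hunk.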