Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 25 Apr 2017 20:56:39 +0000
From: Stefan Sedich <stefan.sedich@...il.com>
To: musl@...ts.openwall.com
Subject: Re: [PATCH v3] Add RES_OPTIONS support for resolv.conf options overriding

On Tue, Apr 25, 2017 at 1:50 PM Alexander Monakov <amonakov@...ras.ru>
wrote:

> I see a couple of pre-existing issues in options parsing
> (not your problem, just questions for Rich):
>
> On Tue, 25 Apr 2017, Stefan Sedich wrote:
> > +void __parse_resolv_opts(struct resolvconf *conf, char *opts)
> > +{
> > +     char *p, *z;
> > +
> > +     p = strstr(opts, "ndots:");
>
> This accepts xndots, _ndots, etc.  I think this is undesirable, prefixing a
> character could be seen by some users as a way to "comment-out" an option
> without deleting it, and such loose matching lays a trap for them. It also
> breaks if a valid option ending in 'ndots' appears in the future.
>
> > +     p = strstr(opts, "timeout:");
> > +     if (p && (isdigit(p[8]) || p[8]=='.')) {
> > +             p += 8;
> > +             unsigned long x = strtoul(p, &z, 10);
>
> Either stroul should be strtod, or accepting p[8]=='.' is pointless.
> This was introduced in commit d6cb08bcaca4ff1f921375510ca72bccea969c75
> that moved this chunk of code from res_msend.c to resolvconf.c and
> introduced p[8]=='.' check en passant.
>
> > @@ -89,5 +96,11 @@ no_resolv_conf:
> >
> >       conf->nns = nns;
> >
> > +     char *res_opts_env = NULL;
> > +     if (!libc.secure) res_opts_env = getenv("RES_OPTIONS");
> > +     if (res_opts_env) {
> > +             __parse_resolv_opts(conf, res_opts_env);
> > +     }
>
> This might look slightly cleaner if written as
>
>         if (!libc.secure) {
>                 const char *opts = getenv("RES_OPTIONS");
>                 if (opts) __parse_resolve_opts(conf, opts);
>         }
>
> Alexander
>

Alexander,

I agree on the cleaner version :), I will await Rich to comment on the rest
before opening another patch as perhaps I can address some of these as part
of this commit if desired?

Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.