fix: usr: Unknown directive in resolv.conf not handled properly

The line after an unknown directive in resolv.conf could accidentally be skipped, potentially affecting dig, host, nslookup, nsupdate, or delv. This has been fixed. Closes #5084 Merge branch '5084-plain-unknown-keyword-in-resolv-conf-not-handled-propely' into 'main' See merge request isc-projects/bind9!9865
2025-08-29 13:38:26 +00:00 · 2024-12-10 00:45:44 +00:00 · 2024-12-10 00:45:44 +00:00 · 48901ef57e
commit 48901ef57e
parent 713357456f c44c4fcbfb
5 changed files with 66 additions and 44 deletions
--- a/lib/dns/resconf.c
+++ b/lib/dns/resconf.c
@ -585,9 +585,11 @@ irs_resconf_load(isc_mem_t *mctx, const char *filename, irs_resconf_t **confp) {
 			} else {
 				/* unrecognised word. Ignore entire line */
 				rval = ISC_R_SUCCESS;
-				stopchar = eatline(fp);
+				if (stopchar != '\n') {
-				if (stopchar == EOF) {
+					stopchar = eatline(fp);
-					break;
+					if (stopchar == EOF) {
 						break;
 					}
 				}
 			}
 			if (ret == ISC_R_SUCCESS && rval != ISC_R_SUCCESS) {
--- a/tests/irs/resconf_test.c
+++ b/tests/irs/resconf_test.c
@ -11,8 +11,6 @@
 * information regarding copyright ownership.
 */
 #if HAVE_CMOCKA
 #include <inttypes.h>
 #include <sched.h> /* IWYU pragma: keep */
 #include <setjmp.h>
@ -31,19 +29,7 @@
 #include <irs/resconf.h>
-static isc_mem_t *mctx = NULL;
+#include <tests/isc.h>
 static void
 setup_test(void) {
 	isc_mem_create(&mctx);
 	/*
 	 * the caller might run from another directory, but tests
 	 * that access test data files must first chdir to the proper
 	 * location.
 	 */
 	assert_return_code(chdir(TESTS_DIR), 0);
 }
 static isc_result_t
 check_number(unsigned int n, unsigned int expected) {
@ -65,6 +51,24 @@ check_ndots(irs_resconf_t *resconf) {
 	return check_number(irs_resconf_getndots(resconf), 2);
 }
 static isc_result_t
 search_example(irs_resconf_t *resconf) {
 	irs_resconf_search_t *entry;
 	irs_resconf_searchlist_t *list;
 	list = irs_resconf_getsearchlist(resconf);
 	if (list == NULL) {
 		return ISC_R_NOTFOUND;
 	}
 	entry = ISC_LIST_HEAD(*list);
 	assert_true(entry != NULL && entry->domain != NULL);
 	assert_string_equal(entry->domain, "example.com");
 	entry = ISC_LIST_TAIL(*list);
 	assert_true(entry != NULL && entry->domain != NULL);
 	assert_string_equal(entry->domain, "example.net");
 	return ISC_R_SUCCESS;
 }
 static isc_result_t
 check_options(irs_resconf_t *resconf) {
 	if (irs_resconf_getattempts(resconf) != 3) {
@ -83,8 +87,7 @@ check_options(irs_resconf_t *resconf) {
 }
 /* test irs_resconf_load() */
-static void
+ISC_RUN_TEST_IMPL(irs_resconf_load) {
 irs_resconf_load_test(void **state) {
 	isc_result_t result;
 	irs_resconf_t *resconf = NULL;
 	unsigned int i;
@ -119,18 +122,27 @@ irs_resconf_load_test(void **state) {
 		  ISC_R_SUCCESS },
 		{ "testdata/port.conf", ISC_R_SUCCESS, NULL, ISC_R_SUCCESS },
 		{ "testdata/resolv.conf", ISC_R_SUCCESS, NULL, ISC_R_SUCCESS },
-		{ "testdata/search.conf", ISC_R_SUCCESS, NULL, ISC_R_SUCCESS },
+		{ "testdata/search.conf", ISC_R_SUCCESS, search_example,
 		  ISC_R_SUCCESS },
 		{ "testdata/sortlist-v4.conf", ISC_R_SUCCESS, NULL,
 		  ISC_R_SUCCESS },
 		{ "testdata/timeout.conf", ISC_R_SUCCESS, NULL, ISC_R_SUCCESS },
-		{ "testdata/unknown.conf", ISC_R_SUCCESS, NULL, ISC_R_SUCCESS }
+		{ "testdata/unknown-with-value.conf", ISC_R_SUCCESS, NULL,
 		  ISC_R_SUCCESS },
 		{ "testdata/unknown-without-value.conf", ISC_R_SUCCESS, NULL,
 		  ISC_R_SUCCESS },
 		{ "testdata/unknown+search.conf", ISC_R_SUCCESS, search_example,
 		  ISC_R_SUCCESS }
 	};
 	UNUSED(state);
-	setup_test();
+	assert_return_code(chdir(TESTS_DIR), 0);
 	for (i = 0; i < sizeof(tests) / sizeof(tests[1]); i++) {
 		if (debug) {
 			fprintf(stderr, "# testing '%s'\n", tests[i].file);
 		}
 		result = irs_resconf_load(mctx, tests[i].file, &resconf);
 		if (result != tests[i].loadres) {
 			fail_msg("# unexpected result %s loading %s",
@ -156,27 +168,10 @@ irs_resconf_load_test(void **state) {
 			irs_resconf_destroy(&resconf);
 		}
 	}
 	isc_mem_detach(&mctx);
 }
-int
+ISC_TEST_LIST_START
-main(void) {
+ISC_TEST_ENTRY(irs_resconf_load)
-	const struct CMUnitTest tests[] = {
+ISC_TEST_LIST_END
 		cmocka_unit_test(irs_resconf_load_test),
 	};
-	return cmocka_run_group_tests(tests, NULL, NULL);
+ISC_TEST_MAIN
 }
 #else /* HAVE_CMOCKA */
 #include <stdio.h>
 int
 main(void) {
 	printf("1..0 # Skipped: cmocka not available\n");
 	return SKIPPED_TEST_EXIT_CODE;
 }
 #endif /* if HAVE_CMOCKA */
--- a/tests/irs/testdata/unknown+search.conf
+++ b/tests/irs/testdata/unknown+search.conf
@ -0,0 +1,13 @@
 # Copyright (C) Internet Systems Consortium, Inc. ("ISC")
 #
 # SPDX-License-Identifier: MPL-2.0
 #
 # This Source Code Form is subject to the terms of the Mozilla Public
 # License, v. 2.0. If a copy of the MPL was not distributed with this
 # file, you can obtain one at https://mozilla.org/MPL/2.0/.
 #
 # See the COPYRIGHT file distributed with this work for additional
 # information regarding copyright ownership.
 unknown
 search example.com example.net
--- a/tests/irs/testdata/unknown-with-value.conf
+++ b/tests/irs/testdata/unknown-with-value.conf
--- a/tests/irs/testdata/unknown-without-value.conf
+++ b/tests/irs/testdata/unknown-without-value.conf
@ -0,0 +1,12 @@
 # Copyright (C) Internet Systems Consortium, Inc. ("ISC")
 #
 # SPDX-License-Identifier: MPL-2.0
 #
 # This Source Code Form is subject to the terms of the Mozilla Public
 # License, v. 2.0. If a copy of the MPL was not distributed with this
 # file, you can obtain one at https://mozilla.org/MPL/2.0/.
 #
 # See the COPYRIGHT file distributed with this work for additional
 # information regarding copyright ownership.
 unknown