Samba | DNS updates allow/deny for SAMBA_INTERAL dns server. (!2271)
Matt Grant
matt at mattgrant.net.nz
Wed Aug 17 04:34:41 UTC 2022
Hi Joseph and Douglas!
Should be ready for merge, if there are no further issues. As below, have
corrected formatting issues. Please let me know how you go.
Have been through ALL the code and reformatted it, fixed over length lines
past 80 chars that should not be overlength, and fixed functions in if
statements etc as per README.Coding.md
BTW, could you please rerun the fuzzing check on dns_update_get_caddr() in
source4/dns_server/dns_update.c.
There was a return WERR_OK that should have been return WERR_CONTINUE in
the default: part of the switch statement on update->rr_type that was
causing the NULL values in *caddrptr with WERR_OK that you found Douglas.
BTW, does lib/util/access.c have any test suite coverage for the
allow_access*() functions? Looks like it's pretty ancient, pre unit testing
and I can't find any tests... The stuff I have done for the
dns-updates-allow-deny tests may be the ONLY code that exercises it?
Thank you for all your help,
Matt Grant
On Thu, 11 Aug 2022 at 22:48, Matt Grant <matt at mattgrant.net.nz> wrote:
> Hi Douglas!
>
> Have included the fuzzer commit you wrote into the merge request, added
> tag that it was Written-by: Douglas Bagnall <
> douglas.bagnall at catalyst.net.nz>
>
> Could you please check that the fuzzer works. Think I have fixed the
> problem line in dns_updates_get_caddr() to return WERR_CONTINUE instead of
> WERR_OK.
>
> Thank you for all your help!
>
> Best Regards,
>
> Matt Grant
>
> On Thu, 11 Aug 2022 at 22:00, Matt Grant <matt at mattgrant.net.nz> wrote:
>
>> Hi Douglas!
>> Could you please show me how to include the fuzzer for
>> dns_updates_get_caddr you wrote in the tests for the dns-updates-allow-deny
>> merge? I would like to include it so that people won't have too many
>> questions when auditing that code, as it does serve a useful purpose
>> turning a PTR domain lookup into an address for the dns updates rrnet
>> allow/deny filter.
>> Thank you!
>> Matt Grant
>>
>> On Wed, 10 Aug 2022 at 12:37, Douglas Bagnall (@douglasbagnall) <
>> gitlab at mg.gitlab.com> wrote:
>>
>>> Douglas Bagnall <https://gitlab.com/douglasbagnall> commented on a
>>> discussion
>>> <https://gitlab.com/samba-team/samba/-/merge_requests/2271#note_1056304663>:
>>>
>>>
>>> The prototype fuzzer I mentioned is in
>>>
>>>
>>> https://gitlab.com/samba-team/devel/samba/-/commits/douglas-grantma-dns-updates-allow-deny-tests
>>>
>>> —
>>> Reply to this email directly or view it on GitLab
>>> <https://gitlab.com/samba-team/samba/-/merge_requests/2271#note_1056304663>.
>>>
>>> You're receiving this email because of your account on gitlab.com.
>>> Unsubscribe
>>> <https://gitlab.com/-/sent_notifications/7437a5432d1d1dd66e01a873476af718/unsubscribe>
>>> from this thread · Manage all notifications
>>> <https://gitlab.com/-/profile/notifications> · Help
>>> <https://gitlab.com/help>
>>>
>>
More information about the samba-technical
mailing list