From: Alviro Iskandar Setiawan <alviro.iskandar@gnuweeb.org>
To: Ahmad Gani <reyuki@gnuweeb.org>
Cc: Ammar Faizi <ammarfaizi2@gnuweeb.org>,
"GNU/Weeb Mailing List" <gwml@vger.gnuweeb.org>
Subject: Re: [PATCH gwproxy v10 2/2] gwproxy: refactor code base to add experimental raw DNS backend
Date: Thu, 11 Sep 2025 17:11:11 +0700 [thread overview]
Message-ID: <CAOG64qOvjYWb-gN7SZQAbxLaMSWuSoDu1Z35+mrqUthb+uGKYw@mail.gmail.com> (raw)
In-Reply-To: <20250910104326.580778-3-reyuki@gnuweeb.org>
On Wed, Sep 10, 2025 at 5:44 PM Ahmad Gani wrote:
> + cfg = &w->ctx->cfg;
> + resolv = &w->dns_resolver;
> + p1 = realloc(resolv->stack.arr, cfg->sess_map_cap * sizeof(*resolv->stack.arr));
> + if (!p1)
> + return;
> + resolv->stack.arr = p1;
> +
> + p2 = realloc(resolv->sess_map, cfg->sess_map_cap * sizeof(*resolv->sess_map));
> + if (!p2)
> + return;
> + resolv->sess_map = p2;
This shrink operation looks very *dangerous* to me. Think, what
happens if "p2 = realloc()" fails?
You update "->stack.arr = p1;" but given "->stack.top >=
->sess_map_cap", now ->stack.top is pointing to an index beyond the
array capacity because you have just successfully shrunk the array
capacity down to ->sess_map_cap. Next time, a client with SOCKS5
hostname comes in, you call pop_txid(), and you will explode
->stack.arr[--resolv->stack.top] ** OVERFLOW **
because ->stack.top is not updated. That kind of pattern is only safe
for array expansion, not for this shrink op definitely. You're allowed
to over allocate the size, but not under allocate.
> + memset(p2, 0, cfg->sess_map_cap * sizeof(*resolv->sess_map));
> +
> + i = cfg->sess_map_cap;
> + resolv->stack.top = i--;
> + for (; i <= 0; i--)
> + p1[i] = i;
> +
> + resolv->sess_map_cap = cfg->sess_map_cap;
Meanwhile, ->stack.top *is* only updated when p2 is successfully
shrunk, what if *only the p1 succeeds*?
My hunch is that you may still need some basic training on C
programming. Today, I am still not confident with your overall series.
This feature is still far away from an acceptable state. For now, big
NAK from me on this series.
Anyway, this patch is doing too many things. It's not something you
should do in a single commit. Please split it into smaller, more
manageable pieces.
tq
--
Software Engineer & ITPM Officer
Alviro Iskandar Setiawan
+1 908 777 0074
next prev parent reply other threads:[~2025-09-11 10:11 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-10 10:43 [PATCH gwproxy v10 0/2] Initial work on integration of DNS parser lib in gwproxy Ahmad Gani
2025-09-10 10:43 ` [PATCH gwproxy v10 1/2] dnsparser: Add dns parser code Ahmad Gani
2025-09-10 10:43 ` [PATCH gwproxy v10 2/2] gwproxy: refactor code base to add experimental raw DNS backend Ahmad Gani
2025-09-11 10:11 ` Alviro Iskandar Setiawan [this message]
2025-09-12 10:37 ` Ahmad Gani
2025-09-12 14:39 ` Alviro Iskandar Setiawan
2025-09-12 15:49 ` Ammar Faizi
2025-09-12 15:52 ` Ahmad Gani
2025-09-12 16:42 ` Alviro Iskandar Setiawan
2025-09-12 17:00 ` Alviro Iskandar Setiawan
2025-09-14 4:31 ` Ahmad Gani
2025-09-12 17:36 ` Ammar Faizi
2025-09-14 4:34 ` Ahmad Gani
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAOG64qOvjYWb-gN7SZQAbxLaMSWuSoDu1Z35+mrqUthb+uGKYw@mail.gmail.com \
--to=alviro.iskandar@gnuweeb.org \
--cc=ammarfaizi2@gnuweeb.org \
--cc=gwml@vger.gnuweeb.org \
--cc=reyuki@gnuweeb.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox