This file contains functions that check function pointers. More...
#include "util/netevent.h"#include "util/storage/lruhash.h"#include "util/module.h"#include "util/tube.h"#include "services/mesh.h"Macros | |
| #define | fptr_ok(x) |
| Macro to perform an assertion check for fptr wlist checks. | |
Functions | |
| int | fptr_whitelist_comm_point (comm_point_callback_type *fptr) |
| Check function pointer whitelist for comm_point callback values. | |
| int | fptr_whitelist_comm_point_raw (comm_point_callback_type *fptr) |
| Check function pointer whitelist for raw comm_point callback values. | |
| int | fptr_whitelist_comm_timer (void(*fptr)(void *)) |
| Check function pointer whitelist for comm_timer callback values. | |
| int | fptr_whitelist_comm_signal (void(*fptr)(int, void *)) |
| Check function pointer whitelist for comm_signal callback values. | |
| int | fptr_whitelist_start_accept (void(*fptr)(void *)) |
| Check function pointer whitelist for start_accept callback values. | |
| int | fptr_whitelist_stop_accept (void(*fptr)(void *)) |
| Check function pointer whitelist for stop_accept callback values. | |
| int | fptr_whitelist_event (void(*fptr)(int, short, void *)) |
| Check function pointer whitelist for event structure callback values. | |
| int | fptr_whitelist_pending_udp (comm_point_callback_type *fptr) |
| Check function pointer whitelist for pending udp callback values. | |
| int | fptr_whitelist_pending_tcp (comm_point_callback_type *fptr) |
| Check function pointer whitelist for pending tcp callback values. | |
| int | fptr_whitelist_serviced_query (comm_point_callback_type *fptr) |
| Check function pointer whitelist for serviced query callback values. | |
| int | fptr_whitelist_rbtree_cmp (int(*fptr)(const void *, const void *)) |
| Check function pointer whitelist for rbtree cmp callback values. | |
| int | fptr_whitelist_hash_sizefunc (lruhash_sizefunc_type fptr) |
| Check function pointer whitelist for lruhash sizefunc callback values. | |
| int | fptr_whitelist_hash_compfunc (lruhash_compfunc_type fptr) |
| Check function pointer whitelist for lruhash compfunc callback values. | |
| int | fptr_whitelist_hash_delkeyfunc (lruhash_delkeyfunc_type fptr) |
| Check function pointer whitelist for lruhash delkeyfunc callback values. | |
| int | fptr_whitelist_hash_deldatafunc (lruhash_deldatafunc_type fptr) |
| Check function pointer whitelist for lruhash deldata callback values. | |
| int | fptr_whitelist_hash_markdelfunc (lruhash_markdelfunc_type fptr) |
| Check function pointer whitelist for lruhash markdel callback values. | |
| int | fptr_whitelist_modenv_send_query (struct outbound_entry *(*fptr)(struct query_info *qinfo, uint16_t flags, int dnssec, int want_dnssec, int nocaps, int check_ratelimit, struct sockaddr_storage *addr, socklen_t addrlen, uint8_t *zone, size_t zonelen, int tcp_upstream, int ssl_upstream, char *tls_auth_name, struct module_qstate *q, int *was_ratelimited)) |
| Check function pointer whitelist for module_env send_query callback values. | |
| int | fptr_whitelist_modenv_detach_subs (void(*fptr)(struct module_qstate *qstate)) |
| Check function pointer whitelist for module_env detach_subs callback values. | |
| int | fptr_whitelist_modenv_attach_sub (int(*fptr)(struct module_qstate *qstate, struct query_info *qinfo, uint16_t qflags, int prime, int valrec, struct module_qstate **newq)) |
| Check function pointer whitelist for module_env attach_sub callback values. | |
| int | fptr_whitelist_modenv_add_sub (int(*fptr)(struct module_qstate *qstate, struct query_info *qinfo, uint16_t qflags, int prime, int valrec, struct module_qstate **newq, struct mesh_state **sub)) |
| Check function pointer whitelist for module_env add_sub callback values. | |
| int | fptr_whitelist_modenv_kill_sub (void(*fptr)(struct module_qstate *newq)) |
| Check function pointer whitelist for module_env kill_sub callback values. | |
| int | fptr_whitelist_modenv_detect_cycle (int(*fptr)(struct module_qstate *qstate, struct query_info *qinfo, uint16_t flags, int prime, int valrec)) |
| Check function pointer whitelist for module_env detect_cycle callback values. | |
| int | fptr_whitelist_mod_init (int(*fptr)(struct module_env *env, int id)) |
| Check function pointer whitelist for module init call values. | |
| int | fptr_whitelist_mod_deinit (void(*fptr)(struct module_env *env, int id)) |
| Check function pointer whitelist for module deinit call values. | |
| int | fptr_whitelist_mod_startup (int(*fptr)(struct module_env *env, int id)) |
| Check function pointer whitelist for module startup call values. | |
| int | fptr_whitelist_mod_destartup (void(*fptr)(struct module_env *env, int id)) |
| Check function pointer whitelist for module destartup call values. | |
| int | fptr_whitelist_mod_operate (void(*fptr)(struct module_qstate *qstate, enum module_ev event, int id, struct outbound_entry *outbound)) |
| Check function pointer whitelist for module operate call values. | |
| int | fptr_whitelist_mod_inform_super (void(*fptr)(struct module_qstate *qstate, int id, struct module_qstate *super)) |
| Check function pointer whitelist for module inform_super call values. | |
| int | fptr_whitelist_mod_clear (void(*fptr)(struct module_qstate *qstate, int id)) |
| Check function pointer whitelist for module clear call values. | |
| int | fptr_whitelist_mod_get_mem (size_t(*fptr)(struct module_env *env, int id)) |
| Check function pointer whitelist for module get_mem call values. | |
| int | fptr_whitelist_alloc_cleanup (void(*fptr)(void *)) |
| Check function pointer whitelist for alloc clear on id overflow call values. | |
| int | fptr_whitelist_tube_listen (tube_callback_type *fptr) |
| Check function pointer whitelist for tube listen handler values. | |
| int | fptr_whitelist_mesh_cb (mesh_cb_func_type fptr) |
| Check function pointer whitelist for mesh state callback values. | |
| int | fptr_whitelist_print_func (void(*fptr)(char *, void *)) |
| Check function pointer whitelist for config_get_option func values. | |
| int | fptr_whitelist_inplace_cb_reply_generic (inplace_cb_reply_func_type *fptr, enum inplace_cb_list_type type) |
| Check function pointer whitelist for inplace_cb_reply, inplace_cb_reply_cache, inplace_cb_reply_local and inplace_cb_reply_servfail func values. | |
| int | fptr_whitelist_inplace_cb_query (inplace_cb_query_func_type *fptr) |
| Check function pointer whitelist for inplace_cb_query func values. | |
| int | fptr_whitelist_inplace_cb_edns_back_parsed (inplace_cb_edns_back_parsed_func_type *fptr) |
| Check function pointer whitelist for inplace_cb_edns_back_parsed func values. | |
| int | fptr_whitelist_inplace_cb_query_response (inplace_cb_query_response_func_type *fptr) |
| Check function pointer whitelist for inplace_cb_query_response func values. | |
| int | fptr_whitelist_serve_expired_lookup (serve_expired_lookup_func_type *fptr) |
| Check function pointer whitelist for serve_expired_lookup func values. | |
| int | order_lock_cmp (const void *e1, const void *e2) |
| Due to module breakage by fptr wlist, these test app declarations are presented here. | |
| int | codeline_cmp (const void *a, const void *b) |
| compare two codeline structs for rbtree from memstats test app | |
| int | replay_var_compare (const void *a, const void *b) |
| compare two replay_vars | |
This file contains functions that check function pointers.
The functions contain a whitelist of known good callback values. Any other values lead to an error.
This prevent heap overflow based exploits, where the callback pointer is overwritten by a buffer overflow (apart from this defense, buffer overflows should be fixed of course).
Function pointers are used in o network code callbacks. o rbtree, lruhash, region data manipulation in lruhash, the assertions are before the critical regions. in other places, assertions are before the callback. o module operations.
| #define fptr_ok | ( | x | ) |
Macro to perform an assertion check for fptr wlist checks.
Does not get disabled in optimize mode. Check adds security by layers.
| int fptr_whitelist_comm_point | ( | comm_point_callback_type * | fptr | ) |
Check function pointer whitelist for comm_point callback values.
| fptr | function pointer to check. |
References auth_xfer_probe_udp_callback(), auth_xfer_transfer_http_callback(), auth_xfer_transfer_tcp_callback(), outnet_tcp_cb(), outnet_udp_cb(), and worker_handle_request().
Referenced by comm_point_http_handle_callback(), comm_point_local_handle_callback(), comm_point_tcp_handle_callback(), comm_point_udp_callback(), http_chunked_segment(), http_nonchunk_segment(), http_process_chunk_header(), tcp_callback_reader(), tcp_callback_writer(), tcp_more_read_again(), tcp_more_write_again(), tcp_req_info_handle_readdone(), and tcp_req_info_read_again().
| int fptr_whitelist_comm_point_raw | ( | comm_point_callback_type * | fptr | ) |
Check function pointer whitelist for raw comm_point callback values.
| fptr | function pointer to check. |
| int fptr_whitelist_comm_timer | ( | void(*)(void *) | fptr | ) |
Check function pointer whitelist for comm_timer callback values.
| fptr | function pointer to check. |
References auth_xfer_probe_timer_callback(), auth_xfer_timer(), auth_xfer_transfer_timer_callback(), doq_timer_cb(), mesh_serve_expired_callback(), mq_wakeup_cb(), outnet_tcptimer(), pending_udp_timer_cb(), pending_udp_timer_delay_cb(), serviced_timer_cb(), validate_suspend_timer_cb(), worker_probe_timer_cb(), worker_stat_timer_cb(), and wsvc_cron_cb().
Referenced by comm_timer_create(), and time_passes().
| int fptr_whitelist_comm_signal | ( | void(*)(int, void *) | fptr | ) |
Check function pointer whitelist for comm_signal callback values.
| fptr | function pointer to check. |
References worker_sighandler().
Referenced by comm_signal_callback().
| int fptr_whitelist_start_accept | ( | void(*)(void *) | fptr | ) |
Check function pointer whitelist for start_accept callback values.
| fptr | function pointer to check. |
References worker_start_accept().
| int fptr_whitelist_stop_accept | ( | void(*)(void *) | fptr | ) |
Check function pointer whitelist for stop_accept callback values.
| fptr | function pointer to check. |
References worker_stop_accept().
Referenced by comm_point_perform_accept().
| int fptr_whitelist_event | ( | void(*)(int, short, void *) | fptr | ) |
Check function pointer whitelist for event structure callback values.
This is not called by libevent itself, but checked by netevent.
| fptr | function pointer to check. |
References comm_point_doq_callback(), doq_client_event_cb(), doq_client_timer_cb(), dtio_cmd_cb(), dtio_mainfdcallback(), dtio_output_cb(), dtio_reconnect_timeout_cb(), dtio_tap_callback(), and worker_win_stop_cb().
| int fptr_whitelist_pending_udp | ( | comm_point_callback_type * | fptr | ) |
Check function pointer whitelist for pending udp callback values.
| fptr | function pointer to check. |
References serviced_udp_callback().
Referenced by outnet_send_wait_udp(), outnet_udp_cb(), and pending_udp_timer_cb().
| int fptr_whitelist_pending_tcp | ( | comm_point_callback_type * | fptr | ) |
Check function pointer whitelist for pending tcp callback values.
| fptr | function pointer to check. |
References serviced_tcp_callback().
Referenced by waiting_tcp_callback().
| int fptr_whitelist_serviced_query | ( | comm_point_callback_type * | fptr | ) |
Check function pointer whitelist for serviced query callback values.
| fptr | function pointer to check. |
References worker_handle_service_reply().
Referenced by serviced_callbacks().
| int fptr_whitelist_rbtree_cmp | ( | int(*)(const void *, const void *) | fptr | ) |
Check function pointer whitelist for rbtree cmp callback values.
| fptr | function pointer to check. |
References addr_tree_addrport_compare(), addr_tree_compare(), anchor_cmp(), auth_data_cmp(), auth_xfer_cmp(), auth_zone_cmp(), canonical_tree_compare(), fwd_cmp(), local_data_cmp(), local_zone_cmp(), mesh_state_compare(), mesh_state_ref_compare(), name_tree_compare(), nsec3_hash_cmp(), pending_cmp(), probetree_cmp(), reuse_cmp(), reuse_id_cmp(), serviced_cmp(), val_neg_data_compare(), val_neg_zone_compare(), and view_cmp().
Referenced by rbtree_find_less_equal(), and rbtree_insert().
| int fptr_whitelist_hash_sizefunc | ( | lruhash_sizefunc_type | fptr | ) |
Check function pointer whitelist for lruhash sizefunc callback values.
| fptr | function pointer to check. |
References dnsc_nonces_sizefunc(), dnsc_shared_secrets_sizefunc(), key_entry_sizefunc(), msgreply_sizefunc(), and ub_rrset_sizefunc().
Referenced by lruhash_insert(), lruhash_insert_or_retrieve(), lruhash_remove(), and lruhash_update_space_used().
| int fptr_whitelist_hash_compfunc | ( | lruhash_compfunc_type | fptr | ) |
Check function pointer whitelist for lruhash compfunc callback values.
| fptr | function pointer to check. |
References infra_compfunc(), key_entry_compfunc(), query_info_compare(), rate_compfunc(), test_slabhash_compfunc(), and ub_rrset_compare().
Referenced by lruhash_insert(), lruhash_insert_or_retrieve(), lruhash_lookup(), and lruhash_remove().
| int fptr_whitelist_hash_delkeyfunc | ( | lruhash_delkeyfunc_type | fptr | ) |
Check function pointer whitelist for lruhash delkeyfunc callback values.
| fptr | function pointer to check. |
References ub_rrset_key_delete().
Referenced by lruhash_clear(), lruhash_insert(), lruhash_insert_or_retrieve(), lruhash_remove(), and lruhash_update_space_used().
| int fptr_whitelist_hash_deldatafunc | ( | lruhash_deldatafunc_type | fptr | ) |
Check function pointer whitelist for lruhash deldata callback values.
| fptr | function pointer to check. |
Referenced by lruhash_clear(), lruhash_insert(), lruhash_insert_or_retrieve(), lruhash_remove(), and lruhash_update_space_used().
| int fptr_whitelist_hash_markdelfunc | ( | lruhash_markdelfunc_type | fptr | ) |
Check function pointer whitelist for lruhash markdel callback values.
| fptr | function pointer to check. |
References rrset_markdel(), and subnet_markdel().
Referenced by lruhash_clear(), lruhash_insert(), lruhash_insert_or_retrieve(), lruhash_remove(), and lruhash_update_space_used().
| int fptr_whitelist_modenv_send_query | ( | struct outbound_entry *(*)(struct query_info *qinfo, uint16_t flags, int dnssec, int want_dnssec, int nocaps, int check_ratelimit, struct sockaddr_storage *addr, socklen_t addrlen, uint8_t *zone, size_t zonelen, int tcp_upstream, int ssl_upstream, char *tls_auth_name, struct module_qstate *q, int *was_ratelimited) | fptr | ) |
Check function pointer whitelist for module_env send_query callback values.
| fptr | function pointer to check. |
Check function pointer whitelist for module_env send_query callback values.
References worker_send_query().
Referenced by processQueryTargets().
| int fptr_whitelist_modenv_detach_subs | ( | void(*)(struct module_qstate *qstate) | fptr | ) |
Check function pointer whitelist for module_env detach_subs callback values.
| fptr | function pointer to check. |
References mesh_detach_subs().
Referenced by processInitRequest3(), processQueryResponse(), and processQueryTargets().
| int fptr_whitelist_modenv_attach_sub | ( | int(*)(struct module_qstate *qstate, struct query_info *qinfo, uint16_t qflags, int prime, int valrec, struct module_qstate **newq) | fptr | ) |
Check function pointer whitelist for module_env attach_sub callback values.
| fptr | function pointer to check. |
References mesh_attach_sub().
Referenced by generate_request(), generate_sub_request(), and handle_ipv6_ptr().
| int fptr_whitelist_modenv_add_sub | ( | int(*)(struct module_qstate *qstate, struct query_info *qinfo, uint16_t qflags, int prime, int valrec, struct module_qstate **newq, struct mesh_state **sub) | fptr | ) |
Check function pointer whitelist for module_env add_sub callback values.
| fptr | function pointer to check. |
References mesh_add_sub().
Referenced by generate_request(), and generate_sub_request().
| int fptr_whitelist_modenv_kill_sub | ( | void(*)(struct module_qstate *newq) | fptr | ) |
Check function pointer whitelist for module_env kill_sub callback values.
| fptr | function pointer to check. |
References mesh_state_delete().
Referenced by generate_ns_check(), generate_sub_request(), prime_root(), and prime_stub().
| int fptr_whitelist_modenv_detect_cycle | ( | int(*)(struct module_qstate *qstate, struct query_info *qinfo, uint16_t flags, int prime, int valrec) | fptr | ) |
Check function pointer whitelist for module_env detect_cycle callback values.
| fptr | function pointer to check. |
References mesh_detect_cycle().
Referenced by causes_cycle(), and generate_request().
| int fptr_whitelist_mod_init | ( | int(*)(struct module_env *env, int id) | fptr | ) |
Check function pointer whitelist for module init call values.
| fptr | function pointer to check. |
References cachedb_init(), dns64_init(), dynlibmod_init(), ipsecmod_init(), ipset_init(), iter_init(), pythonmod_init(), respip_init(), subnetmod_init(), and val_init().
Referenced by modstack_call_init().
| int fptr_whitelist_mod_deinit | ( | void(*)(struct module_env *env, int id) | fptr | ) |
Check function pointer whitelist for module deinit call values.
| fptr | function pointer to check. |
References cachedb_deinit(), dns64_deinit(), dynlibmod_deinit(), ipsecmod_deinit(), iter_deinit(), pythonmod_deinit(), respip_deinit(), subnetmod_deinit(), and val_deinit().
Referenced by modstack_call_deinit().
| int fptr_whitelist_mod_startup | ( | int(*)(struct module_env *env, int id) | fptr | ) |
Check function pointer whitelist for module startup call values.
| fptr | function pointer to check. |
References ipset_startup().
Referenced by modstack_call_startup().
| int fptr_whitelist_mod_destartup | ( | void(*)(struct module_env *env, int id) | fptr | ) |
Check function pointer whitelist for module destartup call values.
| fptr | function pointer to check. |
References ipset_destartup().
Referenced by modstack_call_destartup().
| int fptr_whitelist_mod_operate | ( | void(*)(struct module_qstate *qstate, enum module_ev event, int id, struct outbound_entry *outbound) | fptr | ) |
Check function pointer whitelist for module operate call values.
| fptr | function pointer to check. |
References cachedb_operate(), dns64_operate(), dynlibmod_operate(), ipsecmod_operate(), ipset_operate(), iter_operate(), respip_operate(), subnetmod_operate(), and val_operate().
Referenced by mesh_run().
| int fptr_whitelist_mod_inform_super | ( | void(*)(struct module_qstate *qstate, int id, struct module_qstate *super) | fptr | ) |
Check function pointer whitelist for module inform_super call values.
| fptr | function pointer to check. |
References cachedb_inform_super(), dns64_inform_super(), dynlibmod_inform_super(), ipsecmod_inform_super(), iter_inform_super(), pythonmod_inform_super(), respip_inform_super(), subnetmod_inform_super(), and val_inform_super().
Referenced by mesh_walk_supers().
| int fptr_whitelist_mod_clear | ( | void(*)(struct module_qstate *qstate, int id) | fptr | ) |
Check function pointer whitelist for module clear call values.
| fptr | function pointer to check. |
References cachedb_clear(), dns64_clear(), dynlibmod_clear(), ipsecmod_clear(), ipset_clear(), iter_clear(), pythonmod_clear(), respip_clear(), subnetmod_clear(), and val_clear().
Referenced by mesh_continue(), and mesh_state_cleanup().
| int fptr_whitelist_mod_get_mem | ( | size_t(*)(struct module_env *env, int id) | fptr | ) |
Check function pointer whitelist for module get_mem call values.
| fptr | function pointer to check. |
References cachedb_get_mem(), dns64_get_mem(), dynlibmod_get_mem(), ipsecmod_get_mem(), ipset_get_mem(), iter_get_mem(), pythonmod_get_mem(), respip_get_mem(), subnetmod_get_mem(), and val_get_mem().
Referenced by mod_get_mem(), and worker_mem_report().
| int fptr_whitelist_alloc_cleanup | ( | void(*)(void *) | fptr | ) |
Check function pointer whitelist for alloc clear on id overflow call values.
| fptr | function pointer to check. |
References worker_alloc_cleanup().
Referenced by alloc_get_id(), and outnet_udp_cb().
| int fptr_whitelist_tube_listen | ( | tube_callback_type * | fptr | ) |
Check function pointer whitelist for tube listen handler values.
| fptr | function pointer to check. |
| int fptr_whitelist_mesh_cb | ( | mesh_cb_func_type | fptr | ) |
Check function pointer whitelist for mesh state callback values.
| fptr | function pointer to check. |
References auth_xfer_probe_lookup_callback(), auth_xfer_transfer_lookup_callback(), and auth_zonemd_dnskey_lookup_callback().
Referenced by mesh_do_callback(), mesh_state_add_cb(), and mesh_state_cleanup().
| int fptr_whitelist_print_func | ( | void(*)(char *, void *) | fptr | ) |
Check function pointer whitelist for config_get_option func values.
| fptr | function pointer to check. |
References config_collate_func(), config_print_func(), and remote_get_opt_ssl().
Referenced by config_get_option().
| int fptr_whitelist_inplace_cb_reply_generic | ( | inplace_cb_reply_func_type * | fptr, |
| enum inplace_cb_list_type | type | ||
| ) |
Check function pointer whitelist for inplace_cb_reply, inplace_cb_reply_cache, inplace_cb_reply_local and inplace_cb_reply_servfail func values.
| fptr | function pointer to check. |
| type | the type of the callback function. |
References python_inplace_cb_reply_generic().
| int fptr_whitelist_inplace_cb_query | ( | inplace_cb_query_func_type * | fptr | ) |
Check function pointer whitelist for inplace_cb_query func values.
| fptr | function pointer to check. |
References ecs_whitelist_check(), and python_inplace_cb_query_generic().
Referenced by inplace_cb_query_call().
| int fptr_whitelist_inplace_cb_edns_back_parsed | ( | inplace_cb_edns_back_parsed_func_type * | fptr | ) |
Check function pointer whitelist for inplace_cb_edns_back_parsed func values.
| fptr | function pointer to check. |
References ecs_edns_back_parsed(), and python_inplace_cb_edns_back_parsed_call().
Referenced by inplace_cb_edns_back_parsed_call().
| int fptr_whitelist_inplace_cb_query_response | ( | inplace_cb_query_response_func_type * | fptr | ) |
Check function pointer whitelist for inplace_cb_query_response func values.
| fptr | function pointer to check. |
References ecs_query_response(), and python_inplace_cb_query_response().
Referenced by inplace_cb_query_response_call().
| int fptr_whitelist_serve_expired_lookup | ( | serve_expired_lookup_func_type * | fptr | ) |
Check function pointer whitelist for serve_expired_lookup func values.
| fptr | function pointer to check. |
References mesh_serve_expired_lookup().
Referenced by mesh_serve_expired_callback().
| int order_lock_cmp | ( | const void * | e1, |
| const void * | e2 | ||
| ) |
Due to module breakage by fptr wlist, these test app declarations are presented here.
compare two order_ids from lock-verify test app
References order_id::instance, and order_id::thr.
| int codeline_cmp | ( | const void * | a, |
| const void * | b | ||
| ) |
compare two codeline structs for rbtree from memstats test app
| a | codeline |
| b | codeline |