deps: update c-ares to 1.17.2

Refs: https://github.com/c-ares/c-ares/releases/tag/cares-1_17_2 CVE-ID: CVE-2021-3672, CVE-2021-22931 Refs: https://nvd.nist.gov/vuln/detail/CVE-2021-3672 Refs: https://nvd.nist.gov/vuln/detail/CVE-2021-22931 PR-URL: #39724 Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
nodejs · Aug 10, 2021 · 054537c · 054537c
1 parent ac54490
commit 054537c
Show file tree

Hide file tree

Showing 39 changed files with 889 additions and 593 deletions.
diff --git a/deps/cares/RELEASE-NOTES b/deps/cares/RELEASE-NOTES
@@ -1,68 +1,79 @@
-c-ares version 1.17.1
+c-ares version 1.17.2
 
-Due to a packaging issue with 1.17.0, we have released 1.17.1 to address that
-issue.  See 1.17.0 release notes below..
-
-
-c-ares version 1.17.0
+This is a security and bugfix release.  It addresses a few security related
+issues along with various bugfixes mostly related to portability.
 
 Security:
- o avoid read-heap-buffer-overflow in ares_parse_soa_reply found during
-   fuzzing [2] [3]
- o Avoid theoretical buffer overflow in RC4 loop comparison [5]
- o Empty hquery->name could lead to invalid memory access [15]
- o ares_parse_{a,aaaa}_reply() could return a larger *naddrttls than was
-   passed in [17]
+ o NodeJS passes NULL for addr and 0 for addrlen to ares_parse_ptr_reply() on
+   systems where malloc(0) returns NULL.  This would cause a crash. [8]
+ o When building c-ares with CMake, the RANDOM_FILE would not be set and
+   therefore downgrade to the less secure random number generator [12]
+ o If ares_getaddrinfo() was terminated by an ares_destroy(), it would cause
+   a crash [13]
+ o Crash in sortaddrinfo() if the list size equals 0 due to an unexpected
+   DNS response [14]
+ o Expand number of escaped characters in DNS replies as per RFC1035 5.1 to
+   prevent spoofing [16], [17]
+ o Perform validation on hostnames to prevent possible XSS due to applications
+   not performing valiation themselves [18]
 
 Changes:
- o Update help information for adig, acountry, and ahost [4]
- o Test Suite now uses dynamic system-assigned ports rather than hardcoded
-   ports to prevent failures in containers [10]
- o Detect remote DNS server does not support EDNS using rules from RFC 6891 [12]
- o Source tree has been reorganized to use a more modern layout [13]
- o Allow parsing of CAA Resource Record [14]
+ o Use non-blocking /dev/urandom for random data to prevent early startup
+   performance issues [5]
+ o z/OS port [6]
+ o ares_malloc(0) is now defined behavior (returns NULL) rather than
+   system-specific to catch edge cases [7]
 
 Bug fixes:
- o readaddrinfo bad sizeof() [1]
- o Test cases should honor HAVE_WRITEV flag, not depend on WIN32 [6]
- o FQDN with trailing period should be queried first [7]
- o ares_getaddrinfo() was returning members of the struct as garbage values if
-   unset, and was not honoring ai_socktype and ai_protocol hints. [8] [9]
- o ares_gethostbyname() with AF_UNSPEC and an ip address would fail [11]
- o Properly document ares_set_local_ip4() uses host byte order [16]
+ o Fuzz testing files were not distributed with official archives [1]
+ o Building tests should not force building of static libraries except on
+   Windows [2]
+ o Windows builds of the tools would fail if built as static due to a missing
+   CARES_STATICLIB definition [3]
+ o Relative headers must use double quotes to prevent pulling in a system
+   library [4]
+ o Fix OpenBSD building by implementing portability updates for including
+   arpa/nameser.h [9]
+ o Fix building out-of-tree for autotools [10]
+ o Make install on MacOS/iOS with CMake was missing the bundle destination so
+   libraries weren't actually installed [11]
+ o Fix retrieving DNS server configuration on MacOS and iOS if the configuration
+   did not include search domains [15]
+ o ares_parse_a_reply and ares_parse_aaa_reply were erroneously using strdup()
+   instead of ares_strdup() [19]
+
 
 Thanks go to these friendly people for their efforts and contributions:
-  @anonymoushelpishere
-  Anthony Penniston (@apenn-msft)
+  Anton Danielsson (@anton-danielsson)
   Brad House (@bradh352)
-  Bulat Gaifullin (@bgaifullin)
-  Daniela Sonnenschein (@lxdicted)
   Daniel Stenberg (@bagder)
-  David Hotham (@dimbleby)
-  Fionn Fitzmaurice (@fionn)
-  Gisle Vanem (@gavenm)
-  Ivan Baidakou (@basiliscos)
-  Jonathan Maye-Hobbs (@wheelpharoah)
-  Łukasz Marszał (@lmarszal)
-  lutianxiong (@ltx2018)
-  Seraphime Kirkovski (@Seraphime)
-(14 contributors)
+  Dhrumil Rana (@dhrumilrana)
+  František Dvořák (@valtri)
+  @halx99
+  Jay Freeman (@saurik)
+  Jean-pierre Cartal (@jeanpierrecartal)
+  Michael Kourlas
+  Philipp Jeitner
+  @vburdo
+(11 contributors)
 
 References to bug reports and discussions on issues:
- [1] = https://github.com/c-ares/c-ares/pull/331
- [2] = https://github.com/c-ares/c-ares/pull/332
- [3] = https://github.com/c-ares/c-ares/issues/333
- [4] = https://github.com/c-ares/c-ares/pull/334
- [5] = https://github.com/c-ares/c-ares/pull/336
- [6] = https://github.com/c-ares/c-ares/pull/344
- [7] = https://github.com/c-ares/c-ares/pull/345
- [8] = https://github.com/c-ares/c-ares/issues/343
- [9] = https://github.com/c-ares/c-ares/issues/317
- [10] = https://github.com/c-ares/c-ares/pull/346
- [11] = https://github.com/c-ares/c-ares/pull/204
- [12] = https://github.com/c-ares/c-ares/pull/244
- [13] = https://github.com/c-ares/c-ares/pull/349
- [14] = https://github.com/c-ares/c-ares/pull/360
- [15] = https://github.com/c-ares/c-ares/pull/367
- [16] = https://github.com/c-ares/c-ares/pull/368
- [17] = https://github.com/c-ares/c-ares/issues/371
+ [1] = https://github.com/c-ares/c-ares/issues/379
+ [2] = https://github.com/c-ares/c-ares/issues/380
+ [3] = https://github.com/c-ares/c-ares/issues/384
+ [4] = https://github.com/c-ares/c-ares/pull/386
+ [5] = https://github.com/c-ares/c-ares/pull/391
+ [6] = https://github.com/c-ares/c-ares/pull/390
+ [7] = https://github.com/c-ares/c-ares/commit/485fb66
+ [8] = https://github.com/c-ares/c-ares/issues/392
+ [9] = https://github.com/c-ares/c-ares/issues/388
+ [10] = https://github.com/c-ares/c-ares/pull/394
+ [11] = https://github.com/c-ares/c-ares/pull/395
+ [12] = https://github.com/c-ares/c-ares/pull/397
+ [13] = https://github.com/c-ares/c-ares/commit/df94703
+ [14] = https://github.com/c-ares/c-ares/pull/400
+ [15] = https://github.com/c-ares/c-ares/pull/401
+ [16] = https://github.com/c-ares/c-ares/commit/362f91d
+ [17] = https://github.com/c-ares/c-ares/commit/44c009b
+ [18] = https://github.com/c-ares/c-ares/commit/c9b6c60
+ [19] = https://github.com/c-ares/c-ares/pull/408
diff --git a/deps/cares/cares.gyp b/deps/cares/cares.gyp
@@ -66,6 +66,7 @@
         'src/lib/ares_llist.c',
         'src/lib/ares_llist.h',
         'src/lib/ares_mkquery.c',
+        'src/lib/ares_nameser.h',
         'src/lib/ares_nowarn.c',
         'src/lib/ares_nowarn.h',
         'src/lib/ares_options.c',
@@ -106,7 +107,6 @@
         'src/lib/inet_net_pton.c',
         'src/lib/inet_ntop.c',
         'src/lib/ares_inet_net_pton.h',
-        'src/lib/nameser.h',
         'src/lib/setup_once.h',
         'src/tools/ares_getopt.c',
         'src/tools/ares_getopt.h',

diff --git a/deps/cares/include/ares.h b/deps/cares/include/ares.h
@@ -39,7 +39,7 @@
 #if defined(_AIX) || defined(__NOVELL_LIBC__) || defined(__NetBSD__) || \
     defined(__minix) || defined(__SYMBIAN32__) || defined(__INTEGRITY) || \
     defined(ANDROID) || defined(__ANDROID__) || defined(__OpenBSD__) || \
-    defined(__QNXNTO__)
+    defined(__QNXNTO__) || defined(__MVS__)
 #include <sys/select.h>
 #endif
 #if (defined(NETWARE) && !defined(__NOVELL_LIBC__))

diff --git a/deps/cares/include/ares_version.h b/deps/cares/include/ares_version.h
@@ -7,11 +7,11 @@
 
 #define ARES_VERSION_MAJOR 1
 #define ARES_VERSION_MINOR 17
-#define ARES_VERSION_PATCH 1
+#define ARES_VERSION_PATCH 2
 #define ARES_VERSION ((ARES_VERSION_MAJOR<<16)|\
                        (ARES_VERSION_MINOR<<8)|\
                        (ARES_VERSION_PATCH))
-#define ARES_VERSION_STR "1.17.1"
+#define ARES_VERSION_STR "1.17.2"
 
 #if (ARES_VERSION >= 0x010700)
 #  define CARES_HAVE_ARES_LIBRARY_INIT 1

diff --git a/deps/cares/src/lib/ares__parse_into_addrinfo.c b/deps/cares/src/lib/ares__parse_into_addrinfo.c
@@ -24,14 +24,8 @@
 #ifdef HAVE_ARPA_INET_H
 #  include <arpa/inet.h>
 #endif
-#ifdef HAVE_ARPA_NAMESER_H
-#  include <arpa/nameser.h>
-#else
-#  include "nameser.h"
-#endif
-#ifdef HAVE_ARPA_NAMESER_COMPAT_H
-#  include <arpa/nameser_compat.h>
-#endif
+
+#include "ares_nameser.h"
 
 #ifdef HAVE_STRINGS_H
 #  include <strings.h>
@@ -76,7 +70,7 @@ int ares__parse_into_addrinfo2(const unsigned char *abuf,
 
   /* Expand the name from the question, and skip past the question. */
   aptr = abuf + HFIXEDSZ;
-  status = ares__expand_name_for_response(aptr, abuf, alen, question_hostname, &len);
+  status = ares__expand_name_for_response(aptr, abuf, alen, question_hostname, &len, 0);
   if (status != ARES_SUCCESS)
     return status;
   if (aptr + len + QFIXEDSZ > abuf + alen)
@@ -92,7 +86,7 @@ int ares__parse_into_addrinfo2(const unsigned char *abuf,
   for (i = 0; i < (int)ancount; i++)
     {
       /* Decode the RR up to the data field. */
-      status = ares__expand_name_for_response(aptr, abuf, alen, &rr_name, &len);
+      status = ares__expand_name_for_response(aptr, abuf, alen, &rr_name, &len, 0);
       if (status != ARES_SUCCESS)
         {
           rr_name = NULL;
@@ -194,7 +188,7 @@ int ares__parse_into_addrinfo2(const unsigned char *abuf,
         {
           got_cname = 1;
           status = ares__expand_name_for_response(aptr, abuf, alen, &rr_data,
-                                                  &len);
+                                                  &len, 1);
           if (status != ARES_SUCCESS)
             {
               goto failed_stat;

diff --git a/deps/cares/src/lib/ares__sortaddrinfo.c b/deps/cares/src/lib/ares__sortaddrinfo.c
@@ -453,6 +453,10 @@ int ares__sortaddrinfo(ares_channel channel, struct ares_addrinfo_node *list_sen
       ++nelem;
       cur = cur->ai_next;
     }
+
+  if (!nelem)
+      return ARES_ENODATA;
+
   elems = (struct addrinfo_sort_elem *)ares_malloc(
       nelem * sizeof(struct addrinfo_sort_elem));
   if (!elems)

diff --git a/deps/cares/src/lib/ares_create_query.c b/deps/cares/src/lib/ares_create_query.c
@@ -19,22 +19,13 @@
 #ifdef HAVE_NETINET_IN_H
 #  include <netinet/in.h>
 #endif
-#ifdef HAVE_ARPA_NAMESER_H
-#  include <arpa/nameser.h>
-#else
-#  include "nameser.h"
-#endif
-#ifdef HAVE_ARPA_NAMESER_COMPAT_H
-#  include <arpa/nameser_compat.h>
-#endif
+
+#include "ares_nameser.h"
 
 #include "ares.h"
 #include "ares_dns.h"
 #include "ares_private.h"
 
-#ifndef T_OPT
-#  define T_OPT  41 /* EDNS0 option (meta-RR) */
-#endif
 
 /* Header format, from RFC 1035:
  *                                  1  1  1  1  1  1
@@ -57,7 +48,7 @@
  * of the remaining fields:
  *      ID      Identifier to match responses with queries
  *      QR      Query (0) or response (1)
- *      Opcode  For our purposes, always QUERY
+ *      Opcode  For our purposes, always O_QUERY
  *      RD      Recursion desired
  *      Z       Reserved (zero)
  *      QDCOUNT Number of queries
@@ -116,7 +107,7 @@ int ares_create_query(const char *name, int dnsclass, int type,
   q = buf;
   memset(q, 0, HFIXEDSZ);
   DNS_HEADER_SET_QID(q, id);
-  DNS_HEADER_SET_OPCODE(q, QUERY);
+  DNS_HEADER_SET_OPCODE(q, O_QUERY);
   if (rd) {
     DNS_HEADER_SET_RD(q, 1);
   }