Project

General

Profile

Actions

Bug #8619

closed

Domains improperly checked when registering DHCP static mappings

Added by Martin Gignac over 5 years ago. Updated over 4 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
BIND
Target version:
-
Start date:
07/05/2018
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Affected Version:
Affected Plus Version:
Affected Architecture:

Description

There is a bug in the Register DHCP Static Mappings feature of BIND zones. I've noticed that if I create DHCP static mappings with a domain such as "domain.com", if I have zones that are subdomain of "domain.com", such as "sub1.domain.com" and "sub2.domain.com", then these subdomain zones will also be populated with the static DHCP mappings of "domain.com". This is not the expected behavior.

I've narrowed it down to https://github.com/pfsense/FreeBSD-ports/blob/devel/dns/pfSense-pkg-bind9/files/usr/local/pkg/bind.inc line 576 where the PHP function array_diff_assoc is used to compare the domain defined for a given static DHCP mapping and a given zone's domain. This function "Returns an array containing all the values from array1 that are not present in any of the other arrays.". So with array1 being the DHCP static mapping domain and array2 being the current loop iteration's zone name, it is normal that array1 (["com", "domain"]) does not have any values that are not already contained in the other array (such as ["com", "domain", "sub1"]). Therefore it returns an empty array with a length of zero, which triggers the behavior to create the static DHCP mapping.

By replacing the array_diff_assoc function with an equality comparison it replaces the above behavior with one which I believe is the correct one, which is to only register DHCP static mappings in the zone that is an exact match for the domain specified for that DHCP mapping:

--- bind.inc.orig-magi  2018-06-20 16:56:03.522194000 -0400
+++ bind.inc.change-magi        2018-06-21 09:01:15.353851000 -0400
@@ -566,8 +566,7 @@
                                                                                }
                                                                        } else {
                                                                                $parts = array_reverse(explode('.', $domain));
-                                                                               $diff = array_diff_assoc($parts, $zoneparts);
-                                                                               if (count($diff) == 0) {
+                                                                               if ($parts === $zoneparts) {
                                                                                        $zone_conf .= "{$host['hostname']}\tIN A\t{$host['ipaddr']}\n";
                                                                                }
                                                                        }

I will submit a PR for this issue.

Thanks,
-Martin

Actions #2

Updated by Jim Pingle over 4 years ago

  • Category set to BIND
  • Status changed from New to Resolved

PR was merged over a year ago.

Actions

Also available in: Atom PDF