ianlancetaylor changed the title from "DNS resolution can use the wrong server in race condition (resolv.conf stale information)" to "net: DNS resolution can use the wrong server in race condition (resolv.conf stale information)" on Jan 22, 2016
I think https://golang.org/cl/18860/ should fix this, but I say wait for 1.7. I believe this issue was present in 1.5, so it's not a regression in 1.6.
(Also, does gopherbot not link to CLs if you reply "R=go1.7" immediately after uploading? It also never linked https://golang.org/cl/18623/ to its issue.)
> (Also, does gopherbot not link to CLs if you reply "R=go1.7" immediately after uploading? It also never linked https://golang.org/cl/18623/ to its issue.)
That's @rsc's script somewhere. It doesn't run too often, but it's been plenty of time. Maybe it's confused by the period at the end of the Fixes line?
I'm surprised this isn't being ported to 1.6. Seems like a serious enough issue; also, it'd be nice to start using the new DNS code ASAP rather than sticking to cgo for it. I'd even argue that it should be on a patch to 1.5. Even though this technically isn't a regression since the code is all new, it is a regression in functionality since 1.4 worked perfectly (albeit not using that code).
There can be a race condition on reading resolv.conf that can allow Go programs to contain stale information to perform DNS lookups.
resolv.conf is read in net/conf.go initConfVal() and stored in systemConf().resolv
go/src/net/conf.go, line 99 in 1b6d55a
In dnsclient_unix.go the "init" function will get that information from systemConf().
go/src/net/dnsclient_unix.go, line 244 in 1b6d55a
The function then does a stat on the file to set what the conf.modTime is to check for updates to the file.
go/src/net/dnsclient_unix.go, line 249 in 1b6d55a
The race can occur if /etc/resolv.conf is written to between when conf.go reads the file and when the stat() is done in the init() function because the saved modification time of the conf file is set on the first time we call tryUpdate, but not when we call the initConfVal() function mentioned above.
go/src/net/dnsclient_unix.go, line 262 in 1b6d55a
The tryUpdate() function will now not re-read /etc/resolv.conf until it changes again.
We are working around this by setting GODEBUG=netdns=cgo which does not cache the resolv.conf information.
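The read-then-stat window described in the report above, reproduced deterministically as an added example (not code from Go's net package and not the change in the linked CL). The helper names, the temp file and the 192.0.2.x addresses are constructed for illustration; the "racing" write is run inline so the outcome is repeatable.

```go
package main

import (
	"fmt"
	"os"
	"time"
)

// write (hypothetical helper) replaces path's content and pins its mtime.
func write(path, data string, mt time.Time) {
	os.WriteFile(path, []byte(data), 0o600)
	os.Chtimes(path, mt, mt)
}

// mtime returns path's modification time, or the zero time on error.
func mtime(path string) time.Time {
	fi, err := os.Stat(path)
	if err != nil {
		return time.Time{}
	}
	return fi.ModTime()
}

// cachedAfterRace caches a file, lets a rewrite land inside the load window, runs one
// mtime-gated reload and returns the cached data. statFirst=false is read-then-stat.
func cachedAfterRace(statFirst bool) string {
	f, err := os.CreateTemp("", "resolv.conf")
	if err != nil {
		return err.Error()
	}
	f.Close()
	path, t0 := f.Name(), time.Unix(1000, 0)
	defer os.Remove(path)
	write(path, "nameserver 192.0.2.1\n", t0) // constructed sample config
	var saved time.Time
	if statFirst {
		saved = mtime(path) // mtime recorded before the content is read
	}
	b, _ := os.ReadFile(path)                                  // content that gets cached
	write(path, "nameserver 192.0.2.2\n", t0.Add(time.Minute)) // the racing rewrite
	if !statFirst {
		saved = mtime(path) // already the new mtime, so the rewrite is invisible
	}
	if mt := mtime(path); !mt.Equal(saved) { // tryUpdate-style check
		b, _ = os.ReadFile(path)
	}
	return string(b)
}

func main() { fmt.Printf("racy: %q\nstat-first: %q\n", cachedAfterRace(false), cachedAfterRace(true)) }
```

With the mtime taken before the read, a rewrite in the window costs at most one redundant reload instead of pinning the old nameserver until the file changes again.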