Thanks to visit codestin.com
Credit goes to github.com

Skip to content

fix(caddyfile): infinite loop on unclosed braces #7571

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
yongtang merged 1 commit into from
Sep 30, 2025
Merged

fix(caddyfile): infinite loop on unclosed braces #7571

yongtang merged 1 commit into from
Sep 30, 2025

Conversation

@thevilledev
Copy link
Collaborator

@thevilledev thevilledev commented Sep 23, 2025
edited
Loading

1. Why is this pull request needed and what does it do?

Update coredns/caddy so Dispenser.NextBlock() checks Next() return value and stops at EOF. This prevents an infinite loop when a block is opened but its closing "}" is never seen before EOF. For example, due to a missing brace or malformed/commented input with control/non‑UTF‑8 bytes (such as hosts#…\x0c{) that hides the terminator.

Added a regression test and refactored the corefile_test.go to use test cases. If you run the test against master you will see it times out, due to infinite loop.

2. Which issues (if any) are related?

Fixes OSS-Fuzz finding #446778634 + group 5160400776724480.

3. Which documentation changes (if any) need to be made?

None.

4. Does this introduce a backward incompatible change or deprecation?

No.

@thevilledev thevilledev mentioned this pull request Sep 23, 2025
Merged
@codecov
Copy link

codecov bot commented Sep 23, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 62.62%. Comparing base (93c57b6) to head (36e6010).
⚠️ Report is 1673 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #7571      +/-   ##
==========================================
+ Coverage   55.70%   62.62%   +6.92%     
==========================================
  Files         224      274      +50     
  Lines       10016    18320    +8304     
==========================================
+ Hits         5579    11473    +5894     
- Misses       3978     6181    +2203     
- Partials      459      666     +207

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@thevilledev thevilledev force-pushed the fix/caddyfile-inf-loop branch 4 times, most recently from 974c80a to 77e2ff4 Compare September 27, 2025 07:25
@thevilledev thevilledev mentioned this pull request Sep 29, 2025
Closed
@thevilledev
Copy link
Collaborator Author

thevilledev commented Sep 29, 2025
edited
Loading

The branch used in the Caddyfile PR coredns/caddy#10 is used in this PR and all tests pass. I'll keep this as "WIP" until:

  • Caddyfile PR is merged in
  • New coredns/caddy version is tagged

I'll then finalise this and update go.mod to use the new caddy version, instead of my branch.

@thevilledev
fix(caddyfile): infinite loop on unclosed braces
36e6010 
Update coredns/caddy to a version where Dispenser.NextBlock()
checks Next() and stops at EOF. This ensures forward progress
and prevents an infinite loop when a block is missing a closing '}'
under certain conditions.

Added a regression test.

Signed-off-by: Ville Vesilehto <[email protected]>
@thevilledev thevilledev force-pushed the fix/caddyfile-inf-loop branch from 77e2ff4 to 36e6010 Compare September 30, 2025 05:20
@thevilledev thevilledev changed the title WIP fix(caddyfile): infinite loop on unclosed braces fix(caddyfile): infinite loop on unclosed braces Sep 30, 2025
@thevilledev thevilledev marked this pull request as ready for review September 30, 2025 05:27
@thevilledev thevilledev mentioned this pull request Sep 30, 2025
Merged
@yongtang yongtang merged commit 9a57d96 into coredns:master Sep 30, 2025
13 checks passed
@thevilledev
Copy link
Collaborator Author

thevilledev commented Sep 30, 2025

Thanks @yongtang!

@thevilledev thevilledev deleted the fix/caddyfile-inf-loop branch September 30, 2025 17:07
@BrewTestBot BrewTestBot mentioned this pull request Oct 6, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@yongtang yongtang yongtang approved these changes

@miekg miekg Awaiting requested review from miekg miekg is a code owner

@chrisohaver chrisohaver Awaiting requested review from chrisohaver chrisohaver is a code owner

@johnbelamaric johnbelamaric Awaiting requested review from johnbelamaric johnbelamaric is a code owner

@stp-ip stp-ip Awaiting requested review from stp-ip stp-ip is a code owner

@bradbeam bradbeam Awaiting requested review from bradbeam bradbeam is a code owner

@dilyevsky dilyevsky Awaiting requested review from dilyevsky dilyevsky is a code owner

@jameshartig jameshartig Awaiting requested review from jameshartig jameshartig is a code owner

@greenpau greenpau Awaiting requested review from greenpau greenpau is a code owner

@Isolus Isolus Awaiting requested review from Isolus Isolus is a code owner

@pmoroney pmoroney Awaiting requested review from pmoroney pmoroney is a code owner

@rajansandeep rajansandeep Awaiting requested review from rajansandeep rajansandeep is a code owner

@SuperQ SuperQ Awaiting requested review from SuperQ SuperQ is a code owner

@Tantalor93 Tantalor93 Awaiting requested review from Tantalor93 Tantalor93 is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@thevilledev @yongtang