• Fix stability issues in DoH daemon and event loop#27
Merged
Conversation
danielinux
commented
Jan 26, 2026
danielinux
commented
Collaborator
- Prevent OOB writes in request peek and non-H2 handling
- Handle non-fatal TLS handshake errors and EOF cleanly
- Avoid daemon exit on resolver send failure; fail request instead
- Harden DNS reply parsing for compressed/uncompressed names
- Add nghttp2 submit error handling to avoid hung streams
- Fix libevquick signal/timer safety and nonblocking pipe setup
- Guard resolver list overflow; improve cleanup/leak handling
- Align URL64 test signature and add forward declaration for build
- Prevent OOB writes in request peek and non-H2 handling - Handle non-fatal TLS handshake errors and EOF cleanly - Avoid daemon exit on resolver send failure; fail request instead - Harden DNS reply parsing for compressed/uncompressed names - Add nghttp2 submit error handling to avoid hung streams - Fix libevquick signal/timer safety and nonblocking pipe setup - Guard resolver list overflow; improve cleanup/leak handling - Align URL64 test signature and add forward declaration for build
There was a problem hiding this comment.
Pull request overview
This pull request addresses critical stability and security issues in the DoH (DNS-over-HTTPS) daemon and event loop library. The changes focus on preventing out-of-bounds writes, improving error handling for TLS and networking operations, and fixing DNS parsing logic to handle both compressed and uncompressed names.
Changes:
- Fixed buffer overflow vulnerabilities in DNS request peeking and HTTP/2 response handling
- Improved error handling for TLS handshake failures, resolver send failures, and nghttp2 operations
- Hardened DNS reply parsing with proper support for compressed/uncompressed domain names
- Fixed signal/timer safety and nonblocking pipe configuration in libevquick
- Added resolver list overflow protection
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| test/test_url64.c | Updated function signature and test code to align with implementation that returns decoded length directly |
| src/libevquick.c | Fixed fcntl nonblocking flag usage, improved signal handler safety, and added timer deletion cleanup |
| src/dohd.c | Added DNS name parsing functions, improved error handling throughout, prevented buffer overflows, and added resolver bounds checking |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.