timamsk/sing-box
1
0
Fork 0
mirror of https://github.com/SagerNet/sing-box.git synced 2026-04-13 20:28:32 +10:00
Code Issues Packages Projects Releases Wiki Activity

Fix DNS record parser file inclusion and rule match log index

Browse Source 
Remove SetIncludeAllowed(true) from the DNS record zone parser.
The $INCLUDE directive allows opening arbitrary files via os.Open,
which is unnecessary and dangerous when parsing a single record string
from configuration (especially remote profiles).

Fix displayRuleIndex arithmetic in dns/router.go that computed
2*index+1 instead of the correct 0-based index. This was a
reintroduction of a bug previously fixed in be8ee370a. Both
matchDNS and logRuleMatch now use the index directly, matching
the pattern in route/route.go.
This commit is contained in:
世界
2026-03-26 18:58:53 +08:00
parent 4ea33a00b1
commit 7f64980ea3
2 changed files with 5 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
dns/router.go
View File

@@ -296,15 +296,10 @@ func (r *Router) matchDNS(ctx context.Context, allowFakeIP bool, ruleIndex int,
metadata.ResetRuleCache()
metadata.DestinationAddressMatchFromResponse = false
if currentRule.LegacyPreMatch(metadata) {
displayRuleIndex := currentRuleIndex
if displayRuleIndex != -1 {
displayRuleIndex += displayRuleIndex + 1
}
ruleDescription := currentRule.String()
if ruleDescription != "" {
r.logger.DebugContext(ctx, "match[", displayRuleIndex, "] ", currentRule, " => ", currentRule.Action())
if ruleDescription := currentRule.String(); ruleDescription != "" {
r.logger.DebugContext(ctx, "match[", currentRuleIndex, "] ", currentRule, " => ", currentRule.Action())
} else {
r.logger.DebugContext(ctx, "match[", displayRuleIndex, "] => ", currentRule.Action())
r.logger.DebugContext(ctx, "match[", currentRuleIndex, "] => ", currentRule.Action())
}
switch action := currentRule.Action().(type) {
case *R.RuleActionDNSRoute:
@@ -397,14 +392,10 @@ func (r *Router) resolveDNSRoute(action *R.RuleActionDNSRoute, allowFakeIP bool,
}
func (r *Router) logRuleMatch(ctx context.Context, ruleIndex int, currentRule adapter.DNSRule) {
displayRuleIndex := ruleIndex
if displayRuleIndex != -1 {
displayRuleIndex += displayRuleIndex + 1
}
if ruleDescription := currentRule.String(); ruleDescription != "" {
r.logger.DebugContext(ctx, "match[", displayRuleIndex, "] ", currentRule, " => ", currentRule.Action())
r.logger.DebugContext(ctx, "match[", ruleIndex, "] ", currentRule, " => ", currentRule.Action())
} else {
r.logger.DebugContext(ctx, "match[", displayRuleIndex, "] => ", currentRule.Action())
r.logger.DebugContext(ctx, "match[", ruleIndex, "] => ", currentRule.Action())
}
}

1
option/dns_record.go
View File

@@ -99,7 +99,6 @@ func parseDNSRecord(stringValue string) (dns.RR, error) {
}
parser := dns.NewZoneParser(strings.NewReader(stringValue), "", "")
parser.SetDefaultTTL(defaultDNSRecordTTL)
parser.SetIncludeAllowed(true)
record, _ := parser.Next()
return record, parser.Err()
}