validate that filters have distinct names and queue numbers

capnspacehook · Jan 19, 2022 · 1c5030a · 1c5030a
1 parent 299df45
commit 1c5030a
Show file tree

Hide file tree

Showing 2 changed files with 92 additions and 0 deletions.
diff --git a/config.go b/config.go
@@ -57,8 +57,12 @@ func parseConfigBytes(cb []byte) (*Config, error) {
 	var (
 		preformReverseLookups bool
 		allCachedHostnames    []string
+
+		filterNames  = make(map[string]int)
+		filterQueues = make(map[uint16]string)
 	)
 	for i, filterOpt := range config.Filters {
+
 		if filterOpt.Name == "" {
 			return nil, fmt.Errorf(`filter #%d: "name" must be set`, i)
 		}
@@ -99,12 +103,34 @@ func parseConfigBytes(cb []byte) (*Config, error) {
 			return nil, fmt.Errorf(`filter %q: "dnsQueue" must not be set when "allowedHostnames" is empty and either "cachedHostames" is not empty or "lookupUnknownIPs" is true`, filterOpt.Name)
 		}
 
+		if idx, ok := filterNames[filterOpt.Name]; ok {
+			return nil, fmt.Errorf(`filter #%d: filter name %q is already used by filter #%d`, i, filterOpt.Name, idx)
+		}
+		if filterOpt.DNSQueue != 0 {
+			if name, ok := filterQueues[filterOpt.DNSQueue]; ok {
+				return nil, fmt.Errorf(`filter %q: dnsQueue %d is already used by filter %q`, filterOpt.Name, filterOpt.DNSQueue, name)
+			}
+		}
+		if filterOpt.TrafficQueue != 0 {
+			if name, ok := filterQueues[filterOpt.TrafficQueue]; ok {
+				return nil, fmt.Errorf(`filter %q: trafficQueue %d is already used by filter %q`, filterOpt.Name, filterOpt.TrafficQueue, name)
+			}
+		}
+
 		if filterOpt.LookupUnknownIPs {
 			preformReverseLookups = true
 		}
 		if len(filterOpt.CachedHostnames) > 0 {
 			allCachedHostnames = append(allCachedHostnames, filterOpt.CachedHostnames...)
 		}
+
+		filterNames[filterOpt.Name] = i
+		if filterOpt.DNSQueue != 0 {
+			filterQueues[filterOpt.DNSQueue] = filterOpt.Name
+		}
+		if filterOpt.TrafficQueue != 0 {
+			filterQueues[filterOpt.TrafficQueue] = filterOpt.Name
+		}
 	}
 
 	if config.SelfDNSQueue == 0 && (preformReverseLookups || len(allCachedHostnames) > 0) {

diff --git a/config_test.go b/config_test.go
@@ -234,6 +234,72 @@ allowedHostnames = ["foo"]`,
 			expectedConfig: nil,
 			expectedErr:    `"selfDNSQueue" must only be set when at least one filter either sets "lookupUnknownIPs" to true or "cachedHostnames" is not empty`,
 		},
+		{
+			testName: "duplicate filter names",
+			configStr: `
+inboundDNSQueue = 1
+selfDNSQueue = 100
+
+[[filters]]
+name = "foo"
+dnsQueue = 1000
+trafficQueue = 1001
+allowAnswersFor = "10s"
+allowedHostnames = ["foo"]
+
+[[filters]]
+name = "foo"
+dnsQueue = 2000
+trafficQueue = 2001
+allowAnswersFor = "10s"
+allowedHostnames = ["bar"]`,
+			expectedConfig: nil,
+			expectedErr:    `filter #1: filter name "foo" is already used by filter #0`,
+		},
+		{
+			testName: "duplicate dnsQueues",
+			configStr: `
+inboundDNSQueue = 1
+selfDNSQueue = 100
+
+[[filters]]
+name = "foo"
+dnsQueue = 1000
+trafficQueue = 1001
+allowAnswersFor = "10s"
+allowedHostnames = ["foo"]
+
+[[filters]]
+name = "bar"
+dnsQueue = 1000
+trafficQueue = 2001
+allowAnswersFor = "10s"
+allowedHostnames = ["bar"]`,
+			expectedConfig: nil,
+			expectedErr:    `filter "bar": dnsQueue 1000 is already used by filter "foo"`,
+		},
+		{
+			testName: "duplicate trafficQueues",
+			configStr: `
+inboundDNSQueue = 1
+selfDNSQueue = 100
+
+[[filters]]
+name = "foo"
+dnsQueue = 1000
+trafficQueue = 1001
+allowAnswersFor = "10s"
+allowedHostnames = ["foo"]
+
+[[filters]]
+name = "bar"
+dnsQueue = 2000
+trafficQueue = 1001
+allowAnswersFor = "10s"
+allowedHostnames = ["bar"]`,
+			expectedConfig: nil,
+			expectedErr:    `filter "bar": trafficQueue 1001 is already used by filter "foo"`,
+		},
 		{
 			testName: "valid allowAllHostnames is set",
 			configStr: `