|
Last change
on this file since 37aaf89 was
37aaf89,
checked in by Edwin Eefting <edwin@datux.nl>, 3 years ago
|
|
djbdns patches, so it works correctly with twitter etc
|
-
Property mode set to
100644
|
|
File size:
776 bytes
|
| Rev | Line | |
|---|
| [37aaf89] | 1 | Description: Fix ghost domain attack vulnerability (CVE-2012-1191) |
|---|
| 2 | Origin: http://marc.info/?l=djbdns&m=134269902121506&w=2 |
|---|
| 3 | Author: Peter Conrad <conrad@tivano.de> |
|---|
| 4 | Date: Tue, 18 Jun 2019 00:51:18 +0000 |
|---|
| 5 | Gentoo-Bug: https://bugs.gentoo.org/404959 |
|---|
| 6 | Last-Update: 2020-07-26 |
|---|
| 7 | |
|---|
| 8 | diff --git a/query.c b/query.c |
|---|
| 9 | index 61fe708..085cf44 100644 |
|---|
| 10 | --- a/query.c |
|---|
| 11 | +++ b/query.c |
|---|
| 12 | @@ -578,6 +578,12 @@ static int doit(struct query *z,int state) |
|---|
| 13 | } |
|---|
| 14 | |
|---|
| 15 | if (!dns_domain_suffix(t1,control)) { i = j; continue; } |
|---|
| 16 | + |
|---|
| 17 | + if (!flagforwardonly && byte_equal(type,2,DNS_T_NS) && dns_domain_equal(t1,control)) { |
|---|
| 18 | + char dummy[256]; |
|---|
| 19 | + if (!roots(dummy,control)) { i = j; continue; } |
|---|
| 20 | + } |
|---|
| 21 | + |
|---|
| 22 | if (!roots_same(t1,control)) { i = j; continue; } |
|---|
| 23 | |
|---|
| 24 | if (byte_equal(type,2,DNS_T_ANY)) |
|---|
Note: See
TracBrowser
for help on using the repository browser.
