source: npl/internetserver/djbdns/patches/0006-Fix-ghost-domain-attack-vulnerability-CVE-2012-1191.patch @ 9c06000

Last change on this file since 9c06000 was 37aaf89, checked in by Edwin Eefting <edwin@datux.nl>, 3 years ago

djbdns patches, so it works correctly with twitter etc
  • Property mode set to 100644
File size: 776 bytes

  • query.c 

    Description: Fix ghost domain attack vulnerability (CVE-2012-1191)
Origin: http://marc.info/?l=djbdns&m=134269902121506&w=2
Author: Peter Conrad <conrad@tivano.de>
Date: Tue, 18 Jun 2019 00:51:18 +0000
Gentoo-Bug: https://bugs.gentoo.org/404959
Last-Update: 2020-07-26

diff --git a/query.c b/query.c
index 61fe708..085cf44 100644
    a b static int doit(struct query *z,int state) 
    578578    }
    579579
    580580    if (!dns_domain_suffix(t1,control)) { i = j; continue; }
     581
     582    if (!flagforwardonly && byte_equal(type,2,DNS_T_NS) && dns_domain_equal(t1,control)) {
     583        char dummy[256];
     584        if (!roots(dummy,control)) { i = j; continue; }
     585    }
     586
    581587    if (!roots_same(t1,control)) { i = j; continue; }
    582588
    583589    if (byte_equal(type,2,DNS_T_ANY))
Note: See TracBrowser for help on using the repository browser.