author | Jacques Vidrine <nectar@FreeBSD.org> | 2003-11-27 16:40:03 +0000 |
---|---|---|
committer | Jacques Vidrine <nectar@FreeBSD.org> | 2003-11-27 16:40:03 +0000 |
commit | 2a9511d53411b4fefd47535dcb58ba3998a8b28b (patch) | |
tree | 250e900f5f8392ec202fbf8fa3af4bd411576511 /contrib/bind/bin | |
parent | 23f9108859a7d6402960469d3a1ce7027b289d0a (diff) | |
Correct a remote denial-of-service attack in named(8).
releng/4.4
Notes
Notes:
svn path=/releng/4.4/; revision=123008
Diffstat (limited to 'contrib/bind/bin')
-rw-r--r-- | contrib/bind/bin/named/ns_resp.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/contrib/bind/bin/named/ns_resp.c b/contrib/bind/bin/named/ns_resp.c
index c371fba842af..21c4095b2048 100644
--- a/contrib/bind/bin/named/ns_resp.c
+++ b/contrib/bind/bin/named/ns_resp.c
@@ -272,7 +272,7 @@ ns_resp(u_char *msg, int msglen, struct sockaddr_in from, struct qstream *qsp)
 u_int qtype, qclass;
 int restart; /* flag for processing cname response */
 int validanswer, dbflags;
- int cname, lastwascname, externalcname;
+ int cname, lastwascname, externalcname, cachenegative;
 int count, founddata, foundname;
 int buflen;
 int newmsglen;
@@ -912,6 +912,7 @@ tcp_retry:
 cname = 0;
 lastwascname = 0;
 externalcname = 0;
+ cachenegative = 1;
 strcpy(aname, qname);
 if (count) {
@@ -981,6 +982,7 @@ tcp_retry:
 name);
 db_detach(&dp);
 validanswer = 0;
+ cachenegative = 0;
 continue;
 }
 if (type == T_CNAME &&
@@ -1011,6 +1013,7 @@ tcp_retry:
 "last was cname, ignoring auth. and add.");
 db_detach(&dp);
 validanswer = 0;
+ cachenegative = 0;
 break;
 }
 if (i < arfirst) {
@@ -1026,6 +1029,7 @@ tcp_retry:
 sin_ntoa(from));
 db_detach(&dp);
 validanswer = 0;
+ cachenegative = 0;
 continue;
 } else if (!ns_samedomain(name, qp->q_domain)) {
@@ -1039,6 +1043,7 @@ tcp_retry:
 sin_ntoa(from));
 db_detach(&dp);
 validanswer = 0;
+ cachenegative = 0;
 continue;
 }
 if (type == T_NS) {
@@ -1231,8 +1236,9 @@ tcp_retry:
 ) ) {
- cache_n_resp(msg, msglen, from, qp->q_name,
- qp->q_class, qp->q_type);
+ if (cachenegative)
+ cache_n_resp(msg, msglen, from, qp->q_name,
+ qp->q_class, qp->q_type);
 if (!qp->q_cmsglen && validanswer) {
 ns_debug(ns_log_default, 3, |
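Review bot: The new `cachenegative` in the declaration hunk (`@@ -272,7 +272,7 @@`) has no comment, although the neighbouring `restart` has one and this flag is what decides whether a negative answer may be cached. Since the commit is a denial-of-service fix, the contract is worth recording at the declaration, for example `int cachenegative; /* cleared when any RR in the response is rejected; gates cache_n_resp() */`. Declaring it on its own line rather than appending it to the `cname, lastwascname, externalcname` list would give the comment a place to sit. The body of ns_resp continues outside the hunk.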
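Review bot: Each rejection path in the hunks at `-981`, `-1011`, `-1026` and `-1039` now clears two flags by hand, `validanswer = 0;` followed by `cachenegative = 0;`, so a rejection path added later can clear one and forget the other. If every rejected record is meant to suppress negative caching, which is how these four hunks read, a single helper such as `#define REJECT_RESPONSE() do { validanswer = 0; cachenegative = 0; } while (0)` would keep the two from drifting apart. The enclosing loop starts and ends outside the hunks, so any other `validanswer = 0` site in ns_resp is not visible here and should be checked for the same pairing.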
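Review bot: The added `if (cachenegative)` in the last hunk (`@@ -1231,8 +1236,9 @@`) guards a call that spans two lines without braces, which is easy to break when a second statement is placed under it; write it as `if (cachenegative) {` ... `}`. A comment above the guard, for example `/* do not negative-cache a response from which any RR was rejected */`, would also explain why the cache write is skipped, because the reason is not evident at this point in the function. The `if` condition that encloses the guard begins outside the hunk.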