author | Daniel Mack <daniel@zonque.org> | 2015-12-10 16:08:43 +0100 |
---|---|---|
committer | Daniel Mack <daniel@zonque.org> | 2015-12-10 16:32:02 +0100 |
commit | 40fa4728eb0de88719c288aaf8793a37c1bb84f9 (patch) | |
tree | 2d1d60ce741548942758026f6f7efd2cf66b2e3a | |
parent | e4b0e862252ac5c50c533b46dfe839b7c45639ac (diff) |
resolved: discard any reply packet that contains a bogus name
Only .in-addr.arpa and .local are considered local in mDNS, so discard the
packet if anything else is thrown at us.
-rw-r--r-- | src/resolve/resolved-mdns.c | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/src/resolve/resolved-mdns.c b/src/resolve/resolved-mdns.c
index abe63d58c1..d6973a6999 100644
--- a/src/resolve/resolved-mdns.c
+++ b/src/resolve/resolved-mdns.c
@@ -86,7 +86,7 @@ static int on_mdns_packet(sd_event_source *s, int fd, uint32_t revents, void *us
 }
 if (dns_packet_validate_reply(p) > 0) {
- unsigned i;
+ DnsResourceRecord *rr;
 log_debug("Got mDNS reply packet");
@@ -107,11 +107,15 @@ static int on_mdns_packet(sd_event_source *s, int fd, uint32_t revents, void *us
 dns_scope_check_conflicts(scope, p);
- for (i = 0; i < p->answer->n_rrs; i++) {
- DnsResourceRecord *rr;
+ DNS_ANSWER_FOREACH(rr, p->answer) {
+ const char *name = DNS_RESOURCE_KEY_NAME(rr->key);
 DnsTransaction *t;
- rr = p->answer->items[i].rr;
+ /* If the received reply packet contains ANY record that is not .local or .in-addr.arpa,
+ * we assume someone's playing tricks on us and discard the packet completely. */
+ if (!(dns_name_endswith(name, "in-addr.arpa") > 0 ||
+ dns_name_endswith(name, "local") > 0))
+ return 0;
 t = dns_scope_find_transaction(scope, rr->key, false);
 if (t) |
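Review bot: The name check in the second hunk runs inside the same `DNS_ANSWER_FOREACH` loop that looks up transactions, and only after `dns_scope_check_conflicts(scope, p);` has been given the packet, so a reply whose out-of-scope record is not the first one is rejected after the conflict check and any earlier records have already been acted on (the `if (t)` branch continues outside the hunk, so what it does with the packet is inferred). To match the comment's "discard the packet completely", the check would be better as its own `DNS_ANSWER_FOREACH` pass placed before `dns_scope_check_conflicts(scope, p);`. As far as this hunk shows, the filter also has no `ip6.arpa` case, so a reply carrying an IPv6 reverse-mapping record would be dropped whole; consider adding `dns_name_endswith(name, "ip6.arpa") > 0 ||`. The `return 0;` is silent, and a `log_debug("Discarding mDNS reply with non-local name %s", name);` before it would make rejected packets visible when debugging or investigating spoofing attempts.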