summaryrefslogtreecommitdiff
path: root/src/libsystemd-network
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2016-11-18 17:19:44 +0100
committerLennart Poettering <lennart@poettering.net>2016-11-21 22:58:26 +0100
commitd9ec2e632df4905201facf76d6a205edc952116a (patch)
tree4a0b6758f948618072d80d354b6d21d034fac047 /src/libsystemd-network
parent49ad68298a1c244b6acffff28e7648d803a57563 (diff)
dhcp4: filter bogus DNS/NTP server addresses silently
if we receive a bogus lease with a DNS/NTP server within local scope let's politely ignore. Fixes: #4524
Diffstat (limited to 'src/libsystemd-network')
-rw-r--r--src/libsystemd-network/sd-dhcp-lease.c19
1 files changed, 19 insertions, 0 deletions
diff --git a/src/libsystemd-network/sd-dhcp-lease.c b/src/libsystemd-network/sd-dhcp-lease.c
index 8387b185c0..7fed55c5fc 100644
--- a/src/libsystemd-network/sd-dhcp-lease.c
+++ b/src/libsystemd-network/sd-dhcp-lease.c
@@ -383,6 +383,23 @@ static int lease_parse_domain(const uint8_t *option, size_t len, char **ret) {
return 0;
}
+static void filter_bogus_addresses(struct in_addr *addresses, size_t *n) {
+ size_t i, j;
+
+ /* Silently filter DNS/NTP servers supplied to us that do not make outside of the local scope. */
+
+ for (i = 0, j = 0; i < *n; i ++) {
+
+ if (in4_addr_is_null(addresses+i) ||
+ in4_addr_is_localhost(addresses+i))
+ continue;
+
+ addresses[j++] = addresses[i];
+ }
+
+ *n = j;
+}
+
static int lease_parse_in_addrs(const uint8_t *option, size_t len, struct in_addr **ret, size_t *n_ret) {
assert(option);
assert(ret);
@@ -404,6 +421,8 @@ static int lease_parse_in_addrs(const uint8_t *option, size_t len, struct in_add
if (!addresses)
return -ENOMEM;
+ filter_bogus_addresses(addresses, &n_addresses);
+
free(*ret);
*ret = addresses;
*n_ret = n_addresses;