diff options
author | Lennart Poettering <lennart@poettering.net> | 2016-11-18 17:19:44 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2016-11-21 22:58:26 +0100 |
commit | d9ec2e632df4905201facf76d6a205edc952116a (patch) | |
tree | 4a0b6758f948618072d80d354b6d21d034fac047 /src/libsystemd-network | |
parent | 49ad68298a1c244b6acffff28e7648d803a57563 (diff) |
dhcp4: filter bogus DNS/NTP server addresses silently
if we receive a bogus lease with a DNS/NTP server within local scope let's
politely ignore.
Fixes: #4524
Diffstat (limited to 'src/libsystemd-network')
-rw-r--r-- | src/libsystemd-network/sd-dhcp-lease.c | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/src/libsystemd-network/sd-dhcp-lease.c b/src/libsystemd-network/sd-dhcp-lease.c index 8387b185c0..7fed55c5fc 100644 --- a/src/libsystemd-network/sd-dhcp-lease.c +++ b/src/libsystemd-network/sd-dhcp-lease.c @@ -383,6 +383,23 @@ static int lease_parse_domain(const uint8_t *option, size_t len, char **ret) { return 0; } +static void filter_bogus_addresses(struct in_addr *addresses, size_t *n) { + size_t i, j; + + /* Silently filter DNS/NTP servers supplied to us that do not make outside of the local scope. */ + + for (i = 0, j = 0; i < *n; i ++) { + + if (in4_addr_is_null(addresses+i) || + in4_addr_is_localhost(addresses+i)) + continue; + + addresses[j++] = addresses[i]; + } + + *n = j; +} + static int lease_parse_in_addrs(const uint8_t *option, size_t len, struct in_addr **ret, size_t *n_ret) { assert(option); assert(ret); @@ -404,6 +421,8 @@ static int lease_parse_in_addrs(const uint8_t *option, size_t len, struct in_add if (!addresses) return -ENOMEM; + filter_bogus_addresses(addresses, &n_addresses); + free(*ret); *ret = addresses; *n_ret = n_addresses; |