+2005-06-19 Andrew Miller <a1kmm@amxl.com>
+
+ * ircd/ircd_res.c (proc_answer): Deal with unexpected record types more
+ gracefully.
+
+ * ircd/ircd_res.c (res_readreply): Check res_ourserver before walking
+ the pending request list, to make DoS attacks harder.
+
2005-06-18 Michael Poole <mdpoole@troilus.org>
* ircd/s_debug.c (count_memory): Consolidate several lines; make
/*
- * A rewrite of Darren Reeds original res.c As there is nothing
- * left of Darrens original code, this is now licensed by the hybrid group.
+ * A rewrite of Darren Reed's original res.c As there is nothing
+ * left of Darren's original code, this is now licensed by the hybrid group.
* (Well, some of the function names are the same, and bits of the structs..)
* You can use it where it is useful, free even. Buy us a beer and stuff.
*
* but its possible its just a broken nameserver with still
* valid answers. But lets do some rudimentary logging for now...
*/
- log_write(LS_RESOLVER, L_ERROR, 0, "irc_res.c bogus type %d", type);
+ log_write(LS_RESOLVER, L_ERROR, 0, "irc_res.c bogus type %d", type);
+
+ if ((char*)current + rd_length >= (char*)current)
+ current += rd_length;
+ else
+ return(0);
+
break;
}
}
|| (rc <= sizeof(HEADER)))
return;
+ /*
+ * check against possibly fake replies
+ */
+ if (!res_ourserver(&lsin))
+ return;
+
/*
* convert DNS reply reader from Network byte order to CPU byte order.
*/
if (0 == (request = find_id(header->id)))
return;
- /*
- * check against possibly fake replies
- */
- if (!res_ourserver(&lsin))
- return;
-
if ((header->rcode != NO_ERRORS) || (header->ancount == 0))
{
if (SERVFAIL == header->rcode)