[Patches] [CVS] Module ircu2.10: Change committed

Andrew Miller Sun, 19 Jun 2005 04:35:16 -0700

Committer  : a1kmm
CVSROOT    : /cvsroot/undernet-ircu
Module     : ircu2.10
Commit time: 2005-06-19 11:33:44 UTC


Modified files:
     ircd/ircd_res.c ChangeLog

Log message:

Make the resolver better able to handle unexpected record types. Also check for
wrong response IPs before searching the pending list instead of after.

---------------------- diff included ----------------------
Index: ircu2.10/ChangeLog
diff -u ircu2.10/ChangeLog:1.648 ircu2.10/ChangeLog:1.649
--- ircu2.10/ChangeLog:1.648    Sat Jun 18 19:31:27 2005
+++ ircu2.10/ChangeLog  Sun Jun 19 04:33:32 2005
@@ -1,3 +1,11 @@
+2005-06-19  Andrew Miller  <[EMAIL PROTECTED]>
+
+       * ircd/ircd_res.c (proc_answer): Deal with unexpected record types more
+       gracefully.
+
+       * ircd/ircd_res.c (res_readreply): Check res_ourserver before walking
+       the pending request list, to make DoS attacks harder.
+
 2005-06-18  Michael Poole <[EMAIL PROTECTED]>
 
        * ircd/s_debug.c (count_memory): Consolidate several lines; make
Index: ircu2.10/ircd/ircd_res.c
diff -u ircu2.10/ircd/ircd_res.c:1.21 ircu2.10/ircd/ircd_res.c:1.22
--- ircu2.10/ircd/ircd_res.c:1.21       Wed Mar 30 20:05:55 2005
+++ ircu2.10/ircd/ircd_res.c    Sun Jun 19 04:33:32 2005
@@ -1,6 +1,6 @@
 /*
- * A rewrite of Darren Reeds original res.c As there is nothing
- * left of Darrens original code, this is now licensed by the hybrid group.
+ * A rewrite of Darren Reed's original res.c As there is nothing
+ * left of Darren's original code, this is now licensed by the hybrid group.
  * (Well, some of the function names are the same, and bits of the structs..)
  * You can use it where it is useful, free even. Buy us a beer and stuff.
  *
@@ -18,7 +18,7 @@
  */
 /** @file
  * @brief IRC resolver functions.
- * @version $Id: ircd_res.c,v 1.21 2005/03/31 04:05:55 entrope Exp $
+ * @version $Id: ircd_res.c,v 1.22 2005/06/19 11:33:32 a1kmm Exp $
  */
 
 #include "client.h"
@@ -727,7 +727,13 @@
          * but its possible its just a broken nameserver with still
          * valid answers. But lets do some rudimentary logging for now...
          */
-          log_write(LS_RESOLVER, L_ERROR, 0, "irc_res.c bogus type %d", type);
+        log_write(LS_RESOLVER, L_ERROR, 0, "irc_res.c bogus type %d", type);
+
+        if ((char*)current + rd_length >= (char*)current)
+          current += rd_length;
+        else
+          return(0);
+
         break;
     }
   }
@@ -758,6 +764,12 @@
     return;
 
   /*
+   * check against possibly fake replies
+   */
+  if (!res_ourserver(&lsin))
+    return;
+
+  /*
    * convert DNS reply reader from Network byte order to CPU byte order.
    */
   header = (HEADER *)buf;
@@ -773,12 +785,6 @@
   if (0 == (request = find_id(header->id)))
     return;
 
-  /*
-   * check against possibly fake replies
-   */
-  if (!res_ourserver(&lsin))
-    return;
-
   if ((header->rcode != NO_ERRORS) || (header->ancount == 0))
   {
     if (SERVFAIL == header->rcode)
----------------------- End of diff -----------------------
_______________________________________________
Patches mailing list
[email protected]
http://undernet.sbg.org/mailman/listinfo/patches

[Patches] [CVS] Module ircu2.10: Change committed

Reply via email to