Hello,

The current DNS code checks, when making an A query, whether the name is in fact an IPv4 address literal. The same is done for an AAAA query with an IPv6 address literal. This is good.

However, nothing prevents A queries for IPv6 address literals or AAAA queries for IPv4 address literals. This is wrong.

Here's the bug in action (anonymized to protect the innocent):

1.2.3.4 -> 5.6.7.8 SIP 830 Request: ACK sip:[email protected]:5060;transport=udp
5.6.7.8 -> 1.2.3.4 DNS 72 Standard query AAAA 9.10.11.12

Attached is a simple patch to fix the bug (of which there are three distinct instances).

Comments?

Simon
diff --git a/dns_cache.c b/dns_cache.c
index 1f4ae82..b56e94d 100644
--- a/dns_cache.c
+++ b/dns_cache.c
@@ -1891,6 +1891,8 @@ inline static struct dns_hash_entry* 
dns_cache_do_request(str* name, int type)
 #endif /* USE_DNS_CACHE_STATS */
 
        if (type==T_A){
+               if (str2ip6(name)!=0)
+                       goto end;
                if ((ip=str2ip(name))!=0){
                                e=dns_cache_mk_ip_entry(name, ip);
                                if (likely(e))
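Review bot: The new `str2ip6(name)` call in the `type==T_A` branch sits outside the `#ifdef USE_IPV6` region that the next hunk shows around the `T_AAAA` branch, so if `str2ip6` is only declared under that macro (not visible here), builds without IPv6 support would stop compiling. The same applies to the added checks in `dns_a_get_he` and `dns_a_resolve`. Wrapping each of these three checks in `#ifdef USE_IPV6` / `#endif` would keep the non-IPv6 build intact, though IPv6 literals would then still reach the resolver in such builds. The rest of `dns_cache_do_request` and the `end` label are outside the hunk, so it is worth confirming that `e` is still 0 when the jump is taken.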
@@ -1900,6 +1902,8 @@ inline static struct dns_hash_entry* 
dns_cache_do_request(str* name, int type)
        }
 #ifdef USE_IPV6
        else if (type==T_AAAA){
+               if (str2ip(name)!=0)
+                       goto end;
                if ((ip=str2ip6(name))!=0){
                                e=dns_cache_mk_ip_entry(name, ip);
                                if (likely(e))
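Review bot: The wrong-family test is now open-coded six times, in `dns_cache_do_request` (both branches), `dns_a_get_he`, `dns_aaaa_get_he`, `dns_a_resolve` and `dns_aaaa_resolve`, which makes it easy for a future query path to gain the same-family parse without the other-family rejection. A small static helper that takes `name` and the query type and reports whether the name is an address literal of the other family would keep the rule in one place. Judging by the trace in the description, `name` can come from a received SIP message, so a single decision point for which literals may reach the resolver is also easier to audit.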
@@ -2465,6 +2469,8 @@ inline static struct hostent* dns_a_get_he(str* name)
        struct hostent* he;
 
        e=0;
+       if (str2ip6(name)!=0)
+               return 0;
        if ((ip=str2ip(name))!=0){
                return ip_addr2he(name, ip);
        }
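Review bot: The added early `return 0` in `dns_a_get_he` carries no comment, and a null result here presumably looks the same to callers as an ordinary failed lookup, so the reason is worth recording next to it: `/* IPv6 literal: cannot have an A record, do not query the resolver */`. The mirror check in `dns_aaaa_get_he` wants the matching comment for IPv4 literals. The function body continues outside the hunk.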
@@ -2489,6 +2495,8 @@ inline static struct hostent* dns_aaaa_get_he(str* name)
        struct hostent* he;
 
        e=0;
+       if (str2ip(name)!=0)
+               return 0;
        if ((ip=str2ip6(name))!=0){
                return ip_addr2he(name, ip);
        }
@@ -2963,6 +2971,8 @@ inline static int dns_a_resolve( struct dns_hash_entry** 
e,
        ret=-E_DNS_NO_IP;
        if (*e==0){ /* do lookup */
                /* if ip don't set *e */
+               if (str2ip6(name)!=0)
+                       goto error;
                if ((tmp=str2ip(name))!=0){
                        *ip=*tmp;
                        *rr_no=0;
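Review bot: The new check is inserted between the existing comment `/* if ip don't set *e */` and the `str2ip(name)` branch that comment describes, so the comment now reads as if it documented the `goto error`. Placing the two added lines above that comment, with their own note such as `/* literal of the other family: fail with -E_DNS_NO_IP, no query */`, keeps both intents clear; `ret` is already set to `-E_DNS_NO_IP` before the jump. The same placement applies in `dns_aaaa_resolve`, and the `error` label is outside the hunk.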
@@ -3012,6 +3022,8 @@ inline static int dns_aaaa_resolve( struct 
dns_hash_entry** e,
        ret=-E_DNS_NO_IP;
        if (*e==0){ /* do lookup */
                /* if ip don't set *e */
+               if (str2ip(name)!=0)
+                       goto error;
                if ((tmp=str2ip6(name))!=0){
                        *ip=*tmp;
                        *rr_no=0;