[sr-dev] [PATCH] Do not make DNS queries for IP address literals

Simon Perreault simon.perreault at viagenie.ca
Wed Feb 20 16:03:11 CET 2013


Hello,

The current DNS code checks, when making an A query, whether the name is 
in fact an IPv4 address literal. Same for AAAA query with IPv6 address 
literal. This is good.

However, nothing prevents A queries for IPv6 address literals or AAAA 
queries for IPv4 address literals. This is wrong.

Here's the bug in action (anonymized to protect the innocent):

> 1.2.3.4 -> 5.6.7.8 SIP 830 Request: ACK sip:foobar at 9.10.11.12:5060;transport=udp
> 5.6.7.8 -> 1.2.3.4 DNS 72 Standard query AAAA 9.10.11.12

Attached is a simple patch to fix the bug (of which there are three 
distinct instances).

Comments?

Simon
-------------- next part --------------
diff --git a/dns_cache.c b/dns_cache.c
index 1f4ae82..b56e94d 100644
--- a/dns_cache.c
+++ b/dns_cache.c
@@ -1891,6 +1891,8 @@ inline static struct dns_hash_entry* dns_cache_do_request(str* name, int type)
 #endif /* USE_DNS_CACHE_STATS */
 
 	if (type==T_A){
+		if (str2ip6(name)!=0)
+			goto end;
 		if ((ip=str2ip(name))!=0){
 				e=dns_cache_mk_ip_entry(name, ip);
 				if (likely(e))
@@ -1900,6 +1902,8 @@ inline static struct dns_hash_entry* dns_cache_do_request(str* name, int type)
 	}
 #ifdef USE_IPV6
 	else if (type==T_AAAA){
+		if (str2ip(name)!=0)
+			goto end;
 		if ((ip=str2ip6(name))!=0){
 				e=dns_cache_mk_ip_entry(name, ip);
 				if (likely(e))
@@ -2465,6 +2469,8 @@ inline static struct hostent* dns_a_get_he(str* name)
 	struct hostent* he;
 
 	e=0;
+	if (str2ip6(name)!=0)
+		return 0;
 	if ((ip=str2ip(name))!=0){
 		return ip_addr2he(name, ip);
 	}
@@ -2489,6 +2495,8 @@ inline static struct hostent* dns_aaaa_get_he(str* name)
 	struct hostent* he;
 
 	e=0;
+	if (str2ip(name)!=0)
+		return 0;
 	if ((ip=str2ip6(name))!=0){
 		return ip_addr2he(name, ip);
 	}
@@ -2963,6 +2971,8 @@ inline static int dns_a_resolve( struct dns_hash_entry** e,
 	ret=-E_DNS_NO_IP;
 	if (*e==0){ /* do lookup */
 		/* if ip don't set *e */
+		if (str2ip6(name)!=0)
+			goto error;
 		if ((tmp=str2ip(name))!=0){
 			*ip=*tmp;
 			*rr_no=0;
@@ -3012,6 +3022,8 @@ inline static int dns_aaaa_resolve( struct dns_hash_entry** e,
 	ret=-E_DNS_NO_IP;
 	if (*e==0){ /* do lookup */
 		/* if ip don't set *e */
+		if (str2ip(name)!=0)
+			goto error;
 		if ((tmp=str2ip6(name))!=0){
 			*ip=*tmp;
 			*rr_no=0;


More information about the sr-dev mailing list