[sr-dev] [PATCH] Do not make DNS queries for IP address literals
Simon Perreault
simon.perreault at viagenie.ca
Wed Feb 20 16:03:11 CET 2013
Hello,
The current DNS code checks, when making an A query, whether the name is
in fact an IPv4 address literal. Same for AAAA query with IPv6 address
literal. This is good.
However, nothing prevents A queries for IPv6 address literals or AAAA
queries for IPv4 address literals. This is wrong.
Here's the bug in action (anonymized to protect the innocent):
> 1.2.3.4 -> 5.6.7.8 SIP 830 Request: ACK sip:foobar at 9.10.11.12:5060;transport=udp
> 5.6.7.8 -> 1.2.3.4 DNS 72 Standard query AAAA 9.10.11.12
Attached is a simple patch to fix the bug (of which there are three
distinct instances).
Comments?
Simon
-------------- next part --------------
diff --git a/dns_cache.c b/dns_cache.c
index 1f4ae82..b56e94d 100644
--- a/dns_cache.c
+++ b/dns_cache.c
@@ -1891,6 +1891,8 @@ inline static struct dns_hash_entry* dns_cache_do_request(str* name, int type)
#endif /* USE_DNS_CACHE_STATS */
if (type==T_A){
+ if (str2ip6(name)!=0)
+ goto end;
if ((ip=str2ip(name))!=0){
e=dns_cache_mk_ip_entry(name, ip);
if (likely(e))
@@ -1900,6 +1902,8 @@ inline static struct dns_hash_entry* dns_cache_do_request(str* name, int type)
}
#ifdef USE_IPV6
else if (type==T_AAAA){
+ if (str2ip(name)!=0)
+ goto end;
if ((ip=str2ip6(name))!=0){
e=dns_cache_mk_ip_entry(name, ip);
if (likely(e))
@@ -2465,6 +2469,8 @@ inline static struct hostent* dns_a_get_he(str* name)
struct hostent* he;
e=0;
+ if (str2ip6(name)!=0)
+ return 0;
if ((ip=str2ip(name))!=0){
return ip_addr2he(name, ip);
}
@@ -2489,6 +2495,8 @@ inline static struct hostent* dns_aaaa_get_he(str* name)
struct hostent* he;
e=0;
+ if (str2ip(name)!=0)
+ return 0;
if ((ip=str2ip6(name))!=0){
return ip_addr2he(name, ip);
}
@@ -2963,6 +2971,8 @@ inline static int dns_a_resolve( struct dns_hash_entry** e,
ret=-E_DNS_NO_IP;
if (*e==0){ /* do lookup */
/* if ip don't set *e */
+ if (str2ip6(name)!=0)
+ goto error;
if ((tmp=str2ip(name))!=0){
*ip=*tmp;
*rr_no=0;
@@ -3012,6 +3022,8 @@ inline static int dns_aaaa_resolve( struct dns_hash_entry** e,
ret=-E_DNS_NO_IP;
if (*e==0){ /* do lookup */
/* if ip don't set *e */
+ if (str2ip(name)!=0)
+ goto error;
if ((tmp=str2ip6(name))!=0){
*ip=*tmp;
*rr_no=0;
More information about the sr-dev
mailing list