Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
net: dnsclient should be more robust against bogus UDP packets #13281
Currently package net's dnsclient gives up on trying to query a DNS server over UDP if it receives a bogus DNS response (e.g., not a DNS packet, mismatched query ID, wrong query name). This makes it a bit more vulnerable to DNS forgery attacks. It would be better if in these cases that dnsclient continued waiting until the deadline for a legitimate response.