From 76e8677699ed098387d502c57980f58da642aeba Mon Sep 17 00:00:00 2001
From: paulc <paulc@>
Date: Sun, 9 Jan 2022 23:10:16 +0000
Subject: [PATCH] Validate TXID in client.py (Issue #30 - thanks to @daniel4x)

---
 README             | 2 ++
 dnslib/__init__.py | 4 +++-
 dnslib/client.py   | 3 +++
 3 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/README b/README
index 21e1cdc..604f409 100644
--- a/README
+++ b/README
@@ -357,6 +357,8 @@ Changelog:
                             Add support for all RR types to NSEC type bitmap
                          Merge pull request #17 from sunds/issue_16
                             Issue 16: uncaught exceptions leak open sockets
+ *   0.9.17  2022-01-09  Validate TXID in client.py (Issue #30 - thanks to @daniel4x)
+                       
 
 License:
 --------
diff --git a/dnslib/__init__.py b/dnslib/__init__.py
index 8844eea..2511c59 100644
--- a/dnslib/__init__.py
+++ b/dnslib/__init__.py
@@ -359,6 +359,8 @@
                             Add support for all RR types to NSEC type bitmap
                          Merge pull request #17 from sunds/issue_16
                             Issue 16: uncaught exceptions leak open sockets
+ *   0.9.17  2022-01-09  Validate TXID in client.py (Issue #30 - thanks to @daniel4x)
+                       
 
 License:
 --------
@@ -381,7 +383,7 @@
 
 from dnslib.dns import *
 
-version = "0.9.16"
+version = "0.9.17"
 
 if __name__ == '__main__':
     import doctest,sys,textwrap
diff --git a/dnslib/client.py b/dnslib/client.py
index 628ea81..09572b6 100644
--- a/dnslib/client.py
+++ b/dnslib/client.py
@@ -76,6 +76,9 @@
         a_pkt = q.send(address,port,tcp=args.tcp)
         a = DNSRecord.parse(a_pkt)
 
+        if q.header.id != a.header.id:
+            raise DNSError('Response transaction id does not match query transaction id')
+
         if a.header.tc and args.noretry == False:
             # Truncated - retry in TCP mode
             a_pkt = q.send(address,port,tcp=True)