Permalink
Browse files

Patch to fix ghost domain attack vulnerability.

Applied a security patch to fix ghost domain attack vulnerability
CVE-2012-1911, BZ#838761.

 -> http://marc.info/?l=djbdns&m=134269902121506&w=2

The original patch was written by Mr Peter Conrad. While the issue
was created by Mr Mark Johnson. Sincere thanks to both Mark & Peter.
  • Loading branch information...
pjps committed Jan 13, 2013
1 parent 26bc58e commit c90dbbbac5622e2744733f39e037263e63b51266
Showing with 10 additions and 0 deletions.
  1. +10 −0 query.c
View
10 query.c
@@ -878,6 +878,16 @@ doit (struct query *z, int state)
i = j;
continue;
}
if (!flagforwardonly && byte_equal (type, 2, DNS_T_NS)
&& dns_domain_equal (t1, control))
{
char dummy[256];
if (!roots (dummy, control))
{
i = j;
continue;
}
}
if (!roots_same (t1, control))
{
i = j;

0 comments on commit c90dbbb

Please sign in to comment.