Commit cd83054c authored by Evan Hunt's avatar Evan Hunt
Browse files

Limit CNAME chains to 16, to avoid the possibility of an infinite CNAME loop


git-svn-id: svn://bind10.isc.org/svn/bind10/trunk@1301 e5f2f494-b856-4b98-b285-d166d9295462
parent f37dcf83
......@@ -128,6 +128,10 @@ chaseCname(Query& q, QueryTaskPtr task, RRsetPtr rrset)
return;
}
if (q.tooMany()) {
return;
}
q.tasks().push(QueryTaskPtr(
new QueryTask(dynamic_cast<const generic::CNAME&>
(it->getCurrent()).getCname(),
......
......@@ -102,6 +102,7 @@ Query::Query(Message& m, bool dnssec) :
qname_ = &question->getName();
qclass_ = &question->getClass();
qtype_ = &question->getType();
restarts_ = 0;
querytasks_.push(QueryTaskPtr(new QueryTask(*qname_, *qclass_, *qtype_,
Section::ANSWER())));
......
......@@ -204,6 +204,14 @@ public:
Status status() const { return status_; }
void setStatus(Status s) { status_ = s; }
// Limit CNAME chains to 16 per query, to avoid loops
inline bool tooMany() {
if (++restarts_ > MAX_RESTARTS) {
return (true);
}
return (false);
}
private:
Status status_;
......@@ -216,6 +224,9 @@ private:
bool want_additional_;
bool want_dnssec_;
static const int MAX_RESTARTS = 16;
int restarts_;
};
}
......
......@@ -473,9 +473,8 @@ TEST_F(DataSrcTest, DS) {
}
TEST_F(DataSrcTest, CNAMELoop) {
// This should not make the process hang
//createAndProcessQuery(msg, Name("loop1.example.com"), RRClass::IN(),
// RRType::A());
createAndProcessQuery(msg, Name("loop1.example.com"), RRClass::IN(),
RRType::A());
}
TEST_F(DataSrcTest, Nsec3Hash) {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment