[ejabberd] Important fix

Alexey Shchepin alexey at sevcom.net
Sat Mar 5 03:12:38 MSK 2005


Hi!

There is a bug in the Erlang resolver. I highly recommend patching inet_db.erl
to avoid a DoS attack:

--- inet_db.erl.orig    Sat Mar  5 01:31:50 2005
+++ inet_db.erl Sat Mar  5 01:47:49 2005
@@ -546,7 +546,12 @@
            case res_lookup_type(Domain,?S_CNAME,RRs) of
                [] ->  {error, nxdomain};
                [CName | _] ->
-                   res_hostent_by_domain(CName, [Domain | Aliases], Type, RRs)
+                   case lists:member(CName, [Domain | Aliases]) of
+                       true -> {error, nxdomain};
+                       false ->
+                           res_hostent_by_domain(CName, [Domain | Aliases],
+                                                 Type, RRs)
+                   end
            end;
        Addrs ->
            {ok, make_hostent(Domain, Addrs, Aliases,Type)}
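
Review bot: The added `true -> {error, nxdomain};` branch carries no comment and reuses the same error that the `[] -> {error, nxdomain};` line returns for a missing CNAME, so a caller or log reader cannot tell a looping CNAME record set from a name that simply does not exist. A one-line comment stating that this branch is the CNAME loop guard would help, and if callers can accept it, a distinct error reason for the loop case would make a malicious or broken response visible. Note also that the guard stops recursion only when a CName repeats a name already in `[Domain | Aliases]`; the depth of a non-repeating chain is still limited only by the number of CNAME records in RRs, so an explicit hop limit could be considered if that list can be large.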


