[ejabberd] Important fix

Alexey Shchepin alexey at sevcom.net
Tue Mar 15 11:12:53 MSK 2005


Hi!

On Sat, 05 Mar 2005 02:12:38 +0200, I said:

 AS> Hi!  There is bug in erlang resolver, I highly recommend to patch
 AS> inet_db.erl to avoid DoS attack:

Sorry, that earlier patch fixes only part of the problem.  Corrected patch:

--- inet_db.erl.orig    Sat Mar  5 01:31:50 2005
+++ inet_db.erl Tue Mar 15 10:58:50 2005
@@ -511,7 +511,12 @@
            case lookup_cname(Domain) of
                [] ->  {error, nxdomain};
                [CName | _] ->
-                   hostent_by_domain(CName, [Domain | Aliases], Type)
+                   case lists:member(CName, [Domain | Aliases]) of
+                        true -> {error, nxdomain};
+                        false ->
+                              hostent_by_domain(CName, [Domain | Aliases],
+                                                 Type)
+                   end
            end;
        Addrs ->
            {ok, make_hostent(Domain, Addrs, Aliases,Type)}
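Review bot: The added `lists:member(CName, [Domain | Aliases])` check stops a CNAME chain only when a name repeats exactly, so a long chain of distinct names is still followed to its end, and every step scans a growing alias list. The same applies to the second hunk in `res_hostent_by_domain`. Consider capping the chain length as well, e.g. `case length(Aliases) >= ?MAX_CNAME_CHAIN orelse lists:member(CName, [Domain | Aliases]) of`, where `?MAX_CNAME_CHAIN` is a placeholder for a constant this patch would have to define. The enclosing function starts and ends outside the hunk, so whether a limit is already enforced elsewhere cannot be seen here.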
@@ -546,7 +551,12 @@
            case res_lookup_type(Domain,?S_CNAME,RRs) of
                [] ->  {error, nxdomain};
                [CName | _] ->
-                   res_hostent_by_domain(CName, [Domain | Aliases], Type, RRs)
+                   case lists:member(CName, [Domain | Aliases]) of
+                       true -> {error, nxdomain};
+                       false ->
+                           res_hostent_by_domain(CName, [Domain | Aliases],
+                                                 Type, RRs)
+                   end
            end;
        Addrs ->
            {ok, make_hostent(Domain, Addrs, Aliases,Type)}
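Review bot: The `true -> {error, nxdomain}` branch added here gives a CNAME loop the same result as a name that has no CNAME record at all, and nothing in the hunk says why the membership test is there. A comment on that branch would help the next maintainer, for example `%% CNAME loop: CName was already visited, stop instead of recursing forever`. If `RRs` holds the records of a single resolver answer (inferred from the name, not visible here), a loop in it points to a broken or hostile answer, so logging it at this point would make such responses visible to operators. The body of `res_hostent_by_domain` continues outside the hunk.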


