summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSeonah Moon <seonah1.moon@samsung.com>2016-09-22 10:22:33 +0900
committerSeonah Moon <seonah1.moon@samsung.com>2016-09-22 10:22:47 +0900
commitbfe353fab22064f77f3ad423b95b848dcbad21b7 (patch)
treefe427d1440751f420666a1a7ad438860d11ab426
parent30705949eb416d4de8f909857087eab261d30647 (diff)
downloaddnsmasq-accepted/tizen/wearable/20160922.233156.tar.gz
dnsmasq-accepted/tizen/wearable/20160922.233156.tar.bz2
dnsmasq-accepted/tizen/wearable/20160922.233156.zip
Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally. - CVE: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8899 - Patch: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=41a8d9e99be9f2cc8b02051dd322cb45e0faac87 Change-Id: If86a54c0696fea852bb9bc2f8aeece6bd6bb1598 Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
-rw-r--r--src/cache.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/cache.c b/src/cache.c
index 178d654..1b76b67 100644
--- a/src/cache.c
+++ b/src/cache.c
@@ -481,7 +481,7 @@ struct crec *cache_insert(char *name, struct all_addr *addr,
existing record is for an A or AAAA and
the record we're trying to insert is the same,
just drop the insert, but don't error the whole process. */
- if ((flags & (F_IPV4 | F_IPV6)) && (flags & F_FORWARD))
+ if ((flags & (F_IPV4 | F_IPV6)) && (flags & F_FORWARD) && addr)
{
if ((flags & F_IPV4) && (new->flags & F_IPV4) &&
new->addr.addr.addr.addr4.s_addr == addr->addr.addr4.s_addr)