git.samba.org / pshilovsky / samba-autobuild / .git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 623c3a9) | patch
CVE-2018-14629 dns: CNAME loop prevention using counter
authorAaron Haslett <aaronhaslett@catalyst.net.nz>
Tue, 23 Oct 2018 04:25:51 +0000 (17:25 +1300)
committerKarolin Seeger <kseeger@samba.org>
Mon, 26 Nov 2018 07:54:31 +0000 (08:54 +0100)
commit86ddd7032489053acba6d240db5db7ef49c38429
tree591d86ccdbc8d4c1d71b4d1be93fbfa2632eaff6tree
parent623c3a99ef7c057fc6685d7671b6a81fdb537bfacommit | diff
CVE-2018-14629 dns: CNAME loop prevention using counter

Count number of answers generated by internal DNS query routine and stop at
20 to match Microsoft's loop prevention mechanism.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13600

Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
python/samba/tests/dns.py diff | blob | history
selftest/knownfail.d/dns diff | blob | history
source4/dns_server/dns_query.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.