From their changelog: "...including a fix for a bug which allowed
malformed DNS records to cause netsplits on a network. Triggering this
issue is non-trivial and it may not occur in all circumstances, but all
users are advised to upgrade."
http://www.inspircd.org/2015/04/16/v2019-released.html
Relevant commit:
https://github.com/inspircd/inspircd/commit/6058483d9fbc1b904d5ae7cfea47bfcde5c5b559
@@ -700,8 +700,16 @@ DNSResult DNS::GetResult()
/* Identical handling to PTR */
case DNS_QUERY_PTR:
+ {
/* Reverse lookups just come back as char* */
resultstr = std::string((const char*)data.first);
+ if (resultstr.find_first_not_of("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ.-") != std::string::npos)
+ {
+ std::string ro = req->orig;
+ delete req;
+ return DNSResult(this_id | ERROR_MASK, "Invalid char(s) in reply", 0, ro);
+ }
+ }
break;
default: