1 From 1d07667ac77c55b9de56b1b2c385167e0e0ec27a Mon Sep 17 00:00:00 2001
2 From: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
3 Date: Mon, 11 Jul 2016 18:36:05 +0100
4 Subject: [PATCH] Fix logic error in Linux netlink code.
6 This could cause dnsmasq to enter a tight loop on systems
7 with a very large number of network interfaces.
10 src/netlink.c | 8 +++++++-
11 2 files changed, 13 insertions(+), 1 deletion(-)
13 diff --git a/CHANGELOG b/CHANGELOG
14 index 0559a6f..59c9c49 100644
17 @@ -11,6 +11,12 @@ version 2.77
18 Thanks to Mozilla for funding the security audit
19 which spotted this bug.
21 + Fix logic error in Linux netlink code. This could
22 + cause dnsmasq to enter a tight loop on systems
23 + with a very large number of network interfaces.
24 + Thanks to Ivan Kokshaysky for the diagnosis and
29 Include 0.0.0.0/8 in DNS rebind checks. This range
30 diff --git a/src/netlink.c b/src/netlink.c
31 index 049247b..8cd51af 100644
34 @@ -188,11 +188,17 @@ int iface_enumerate(int family, void *parm, int (*callback)())
37 for (h = (struct nlmsghdr *)iov.iov_base; NLMSG_OK(h, (size_t)len); h = NLMSG_NEXT(h, len))
38 - if (h->nlmsg_seq != seq || h->nlmsg_pid != netlink_pid || h->nlmsg_type == NLMSG_ERROR)
39 + if (h->nlmsg_pid != netlink_pid || h->nlmsg_type == NLMSG_ERROR)
41 /* May be multicast arriving async */
44 + else if (h->nlmsg_seq != seq)
46 + /* May be part of incomplete response to previous request after
47 + ENOBUFS. Drop it. */
50 else if (h->nlmsg_type == NLMSG_DONE)
52 else if (h->nlmsg_type == RTM_NEWADDR && family != AF_UNSPEC && family != AF_LOCAL)
projects / ipfire-2.x.git / blob