resolved: don't accept doing queries for invalid RR types

author Lennart Poettering <lennart@poettering.net>

Wed, 9 Dec 2015 18:08:45 +0000 (19:08 +0100)

committer Lennart Poettering <lennart@poettering.net>

Thu, 10 Dec 2015 10:35:52 +0000 (11:35 +0100)
author Lennart Poettering <lennart@poettering.net>
Wed, 9 Dec 2015 18:08:45 +0000 (19:08 +0100)
committer Lennart Poettering <lennart@poettering.net>
Thu, 10 Dec 2015 10:35:52 +0000 (11:35 +0100)
diff --git a/src/resolve/resolved-dns-transaction.c b/src/resolve/resolved-dns-transaction.c

index 00ecd3d..1dcd2c7 100644 (file)
--- a/src/resolve/resolved-dns-transaction.c
+++ b/src/resolve/resolved-dns-transaction.c
@@ -106,6 +106,14 @@ int dns_transaction_new(DnsTransaction **ret, DnsScope *s, DnsResourceKey *key)
          assert(s);
          assert(key);
  
+        /* Don't allow looking up invalid or pseudo RRs */
+        if (IN_SET(key->type, DNS_TYPE_OPT, 0, DNS_TYPE_TSIG, DNS_TYPE_TKEY))
+                return -EINVAL;
+
+        /* We only support the IN class */
+        if (key->class != DNS_CLASS_IN)
+                return -EOPNOTSUPP;
+
          r = hashmap_ensure_allocated(&s->manager->dns_transactions, NULL);
          if (r < 0)
                  return r;
author	Lennart Poettering <lennart@poettering.net>
	Wed, 9 Dec 2015 18:08:45 +0000 (19:08 +0100)
committer	Lennart Poettering <lennart@poettering.net>
	Thu, 10 Dec 2015 10:35:52 +0000 (11:35 +0100)