diff options
author | Jeremy Allison <jra@samba.org> | 2012-04-27 16:25:58 -0700 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2012-04-30 09:26:37 -0700 |
commit | 11973608186926e5417ee81c8709ea5b0a7ef2e1 (patch) | |
tree | 1569596ff4329e56f516df39afe14200eade3e4c /source3/libsmb | |
parent | 50766a72f9ce42d9f5fd2ce713c9b3039aa8bc2b (diff) | |
download | samba-11973608186926e5417ee81c8709ea5b0a7ef2e1.tar.gz samba-11973608186926e5417ee81c8709ea5b0a7ef2e1.tar.bz2 samba-11973608186926e5417ee81c8709ea5b0a7ef2e1.zip |
Protect all of the name resolution methods from returning null addrs. Ensure all returns go through remove_duplicate_addrs2().
Diffstat (limited to 'source3/libsmb')
-rw-r--r-- | source3/libsmb/namequery.c | 28 |
1 files changed, 19 insertions, 9 deletions
diff --git a/source3/libsmb/namequery.c b/source3/libsmb/namequery.c index 494836d4b2..f2c8d4a2f7 100644 --- a/source3/libsmb/namequery.c +++ b/source3/libsmb/namequery.c @@ -1367,6 +1367,10 @@ static bool name_query_validator(struct packet_struct *p, void *private_data) putip((char *)&ip,&nmb->answers->rdata[2+i*6]); in_addr_to_sockaddr_storage(&addr, ip); + if (is_zero_addr(&addr)) { + continue; + } + for (j=0; j<state->num_addrs; j++) { if (sockaddr_equal( (struct sockaddr *)(void *)&addr, @@ -2374,6 +2378,10 @@ static NTSTATUS resolve_hosts(const char *name, int name_type, ZERO_STRUCT(ss); memcpy(&ss, res->ai_addr, res->ai_addrlen); + if (is_zero_addr(&ss)) { + continue; + } + *return_count += 1; *return_iplist = SMB_REALLOC_ARRAY(*return_iplist, @@ -2565,6 +2573,10 @@ NTSTATUS internal_resolve_name(const char *name, SAFE_FREE(*return_iplist); return NT_STATUS_INVALID_PARAMETER; } + if (is_zero_addr(&(*return_iplist)->ss)) { + SAFE_FREE(*return_iplist); + return NT_STATUS_UNSUCCESSFUL; + } *return_count = 1; return NT_STATUS_OK; } @@ -2572,6 +2584,8 @@ NTSTATUS internal_resolve_name(const char *name, /* Check name cache */ if (namecache_fetch(name, name_type, return_iplist, return_count)) { + *return_count = remove_duplicate_addrs2(*return_iplist, + *return_count ); /* This could be a negative response */ if (*return_count > 0) { return NT_STATUS_OK; @@ -2679,10 +2693,7 @@ NTSTATUS internal_resolve_name(const char *name, controllers including the PDC in iplist[1..n]. Iterating over the iplist when the PDC is down will cause two sets of timeouts. */ - if ( *return_count ) { - *return_count = remove_duplicate_addrs2(*return_iplist, - *return_count ); - } + *return_count = remove_duplicate_addrs2(*return_iplist, *return_count ); /* Save in name cache */ if ( DEBUGLEVEL >= 100 ) { @@ -2698,7 +2709,9 @@ NTSTATUS internal_resolve_name(const char *name, } } - namecache_store(name, name_type, *return_count, *return_iplist); + if (*return_count) { + namecache_store(name, name_type, *return_count, *return_iplist); + } /* Display some debugging info */ @@ -3163,10 +3176,7 @@ static NTSTATUS get_dc_list(const char *domain, /* need to remove duplicates in the list if we have any explicit password servers */ - if (local_count) { - local_count = remove_duplicate_addrs2(return_iplist, - local_count ); - } + local_count = remove_duplicate_addrs2(return_iplist, local_count ); /* For DC's we always prioritize IPv4 due to W2K3 not * supporting LDAP, KRB5 or CLDAP over IPv6. */ |