aboutsummaryrefslogtreecommitdiffstats
path: root/main/avahi/CVE-2017-6519-and-CVE-2018-1000845.patch
diff options
context:
space:
mode:
Diffstat (limited to 'main/avahi/CVE-2017-6519-and-CVE-2018-1000845.patch')
-rw-r--r--main/avahi/CVE-2017-6519-and-CVE-2018-1000845.patch27
1 files changed, 27 insertions, 0 deletions
diff --git a/main/avahi/CVE-2017-6519-and-CVE-2018-1000845.patch b/main/avahi/CVE-2017-6519-and-CVE-2018-1000845.patch
new file mode 100644
index 0000000000..513489fa5b
--- /dev/null
+++ b/main/avahi/CVE-2017-6519-and-CVE-2018-1000845.patch
@@ -0,0 +1,27 @@
+diff --git a/avahi-core/server.c b/avahi-core/server.c
+index a2cb19a..a2580e3 100644
+--- a/avahi-core/server.c
++++ b/avahi-core/server.c
+@@ -930,6 +930,7 @@ static void dispatch_packet(AvahiServer *s, AvahiDnsPacket *p, const AvahiAddres
+
+ if (avahi_dns_packet_is_query(p)) {
+ int legacy_unicast = 0;
++ char t[AVAHI_ADDRESS_STR_MAX];
+
+ /* For queries EDNS0 might allow ARCOUNT != 0. We ignore the
+ * AR section completely here, so far. Until the day we add
+@@ -947,6 +948,13 @@ static void dispatch_packet(AvahiServer *s, AvahiDnsPacket *p, const AvahiAddres
+ legacy_unicast = 1;
+ }
+
++ if (!is_mdns_mcast_address(dst_address) &&
++ !avahi_interface_address_on_link(i, src_address)) {
++
++ avahi_log_debug("Received non-local unicast query from host %s on interface '%s.%i'.", avahi_address_snprint(t, sizeof(t), src_address), i->hardware->name, i->protocol);
++ return;
++ }
++
+ if (legacy_unicast)
+ reflect_legacy_unicast_query_packet(s, p, i, src_address, port);
+
+