aboutsummaryrefslogtreecommitdiffstats
path: root/main/avahi/CVE-2017-6519-and-CVE-2018-1000845.patch
blob: 513489fa5b741b145921040ba0555f7bdc3cdea1 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
diff --git a/avahi-core/server.c b/avahi-core/server.c
index a2cb19a..a2580e3 100644
--- a/avahi-core/server.c
+++ b/avahi-core/server.c
@@ -930,6 +930,7 @@ static void dispatch_packet(AvahiServer *s, AvahiDnsPacket *p, const AvahiAddres
 
     if (avahi_dns_packet_is_query(p)) {
         int legacy_unicast = 0;
+        char t[AVAHI_ADDRESS_STR_MAX];
 
         /* For queries EDNS0 might allow ARCOUNT != 0. We ignore the
          * AR section completely here, so far. Until the day we add
@@ -947,6 +948,13 @@ static void dispatch_packet(AvahiServer *s, AvahiDnsPacket *p, const AvahiAddres
             legacy_unicast = 1;
         }
 
+        if (!is_mdns_mcast_address(dst_address) &&
+            !avahi_interface_address_on_link(i, src_address)) {
+
+            avahi_log_debug("Received non-local unicast query from host %s on interface '%s.%i'.", avahi_address_snprint(t, sizeof(t), src_address), i->hardware->name, i->protocol);
+            return;
+        }
+
         if (legacy_unicast)
             reflect_legacy_unicast_query_packet(s, p, i, src_address, port);