author | Aaron Haslett <aaronhaslett@catalyst.net.nz> | 2018-10-23 17:25:51 +1300 |
---|---|---|
committer | Karolin Seeger <kseeger@samba.org> | 2018-11-26 09:38:10 +0100 |
commit | f7a8294d65e5a7424da93499074a30cb65418ce7 (patch) | |
tree | e236e19ed9619d96ea43859660aa2aff35842e59 /python/samba/tests/dns.py | |
parent | 322992344246a880430de38c27aabc6135a85147 (diff) | |
CVE-2018-14629 dns: CNAME loop prevention using counter
Count number of answers generated by internal DNS query routine and stop at
20 to match Microsoft's loop prevention mechanism.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13600
Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Diffstat (limited to 'python/samba/tests/dns.py')
-rw-r--r-- | python/samba/tests/dns.py | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/python/samba/tests/dns.py b/python/samba/tests/dns.py
index 1b5b64da3a4..3390a3990c9 100644
--- a/python/samba/tests/dns.py
+++ b/python/samba/tests/dns.py
@@ -798,6 +798,30 @@ class TestComplexQueries(DNSTest):
 self.assertEquals(response.answers[1].name, name2)
 self.assertEquals(response.answers[1].rdata, name0)
+ def test_cname_loop(self):
+ cname1 = "cnamelooptestrec." + self.get_dns_domain()
+ cname2 = "cnamelooptestrec2." + self.get_dns_domain()
+ cname3 = "cnamelooptestrec3." + self.get_dns_domain()
+ self.make_dns_update(cname1, cname2, dnsp.DNS_TYPE_CNAME)
+ self.make_dns_update(cname2, cname3, dnsp.DNS_TYPE_CNAME)
+ self.make_dns_update(cname3, cname1, dnsp.DNS_TYPE_CNAME)
+
+ p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
+ questions = []
+
+ q = self.make_name_question(cname1,
+ dns.DNS_QTYPE_A,
+ dns.DNS_QCLASS_IN)
+ questions.append(q)
+ self.finish_name_packet(p, questions)
+
+ (response, response_packet) =\
+ self.dns_transaction_udp(p, host=self.server_ip)
+
+ max_recursion_depth = 20
+ self.assertEquals(len(response.answers), max_recursion_depth)
+
+
 class TestInvalidQueries(DNSTest):
 def setUp(self):
 super(TestInvalidQueries, self).setUp() |
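Review bot: test_cname_loop pins only `len(response.answers)` to 20, so it would still pass if the server returned 20 unrelated answers, and nothing in the test says why 20 is the expected bound. Since this is the regression test for CVE-2018-14629, I would add a docstring such as `"""A CNAME loop must stop after 20 answers (CVE-2018-14629) instead of recursing without bound."""` and also check the answer type, e.g. `self.assertTrue(all(a.rr_type == dns.DNS_QTYPE_CNAME for a in response.answers))`. The three looping records are created with make_dns_update and never removed in the visible lines; unless that helper (defined outside this hunk) registers its own cleanup, they stay in the zone for later tests. The literal `max_recursion_depth = 20` duplicates the server-side limit, so a comment naming where that limit is defined would help keep the two in sync. The enclosing class TestComplexQueries begins outside the hunk.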