mirror of
https://github.com/systemd/systemd.git
synced 2024-10-30 14:55:37 +03:00
network: ndisc: do not accept too many DNS servers or domains
If there exists multiple routers, then the previous logic may introduce too many DNS servers or domains.
This commit is contained in:
parent
af2aea8bb6
commit
8aba7b839b
@ -587,7 +587,7 @@ static int ndisc_router_process_rdnss(Link *link, sd_ndisc_router *rt) {
|
||||
uint32_t lifetime_sec;
|
||||
const struct in6_addr *a;
|
||||
struct in6_addr router;
|
||||
bool updated = false;
|
||||
bool updated = false, logged_about_too_many = false;
|
||||
int n, r;
|
||||
|
||||
assert(link);
|
||||
@ -615,11 +615,6 @@ static int ndisc_router_process_rdnss(Link *link, sd_ndisc_router *rt) {
|
||||
if (n < 0)
|
||||
return log_link_error_errno(link, n, "Failed to get RDNSS addresses: %m");
|
||||
|
||||
if (n >= (int) NDISC_RDNSS_MAX) {
|
||||
log_link_warning(link, "Too many RDNSS records per link. Only first %u records will be used.", NDISC_RDNSS_MAX);
|
||||
n = NDISC_RDNSS_MAX;
|
||||
}
|
||||
|
||||
for (int j = 0; j < n; j++) {
|
||||
_cleanup_free_ NDiscRDNSS *x = NULL;
|
||||
NDiscRDNSS *rdnss, d = {
|
||||
@ -640,6 +635,13 @@ static int ndisc_router_process_rdnss(Link *link, sd_ndisc_router *rt) {
|
||||
continue;
|
||||
}
|
||||
|
||||
if (set_size(link->ndisc_rdnss) >= NDISC_RDNSS_MAX) {
|
||||
if (!logged_about_too_many)
|
||||
log_link_warning(link, "Too many RDNSS records per link. Only first %u records will be used.", NDISC_RDNSS_MAX);
|
||||
logged_about_too_many = true;
|
||||
continue;
|
||||
}
|
||||
|
||||
x = new(NDiscRDNSS, 1);
|
||||
if (!x)
|
||||
return log_oom();
|
||||
@ -684,7 +686,7 @@ static int ndisc_router_process_dnssl(Link *link, sd_ndisc_router *rt) {
|
||||
usec_t lifetime_usec, timestamp_usec;
|
||||
struct in6_addr router;
|
||||
uint32_t lifetime_sec;
|
||||
bool updated = false;
|
||||
bool updated = false, logged_about_too_many = false;
|
||||
int r;
|
||||
|
||||
assert(link);
|
||||
@ -712,12 +714,6 @@ static int ndisc_router_process_dnssl(Link *link, sd_ndisc_router *rt) {
|
||||
if (r < 0)
|
||||
return log_link_error_errno(link, r, "Failed to get DNSSL addresses: %m");
|
||||
|
||||
if (strv_length(l) >= NDISC_DNSSL_MAX) {
|
||||
log_link_warning(link, "Too many DNSSL records per link. Only first %u records will be used.", NDISC_DNSSL_MAX);
|
||||
STRV_FOREACH(j, l + NDISC_DNSSL_MAX)
|
||||
*j = mfree(*j);
|
||||
}
|
||||
|
||||
STRV_FOREACH(j, l) {
|
||||
_cleanup_free_ NDiscDNSSL *s = NULL;
|
||||
NDiscDNSSL *dnssl;
|
||||
@ -742,6 +738,13 @@ static int ndisc_router_process_dnssl(Link *link, sd_ndisc_router *rt) {
|
||||
continue;
|
||||
}
|
||||
|
||||
if (set_size(link->ndisc_dnssl) >= NDISC_DNSSL_MAX) {
|
||||
if (!logged_about_too_many)
|
||||
log_link_warning(link, "Too many DNSSL records per link. Only first %u records will be used.", NDISC_DNSSL_MAX);
|
||||
logged_about_too_many = true;
|
||||
continue;
|
||||
}
|
||||
|
||||
s->router = router;
|
||||
s->lifetime_usec = lifetime_usec;
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user