upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-03-09 17:50:52 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
bind9/lib/dns/include
History
alessio 887502e37d Drop malformed notify messages early instead of decompressing them 
The DNS header shows if a message has multiple questions or invalid
NOTIFY sections. We can drop these messages early, right after parsing
the question. This matches RFC 9619 for multi-question messages and
Unbound's handling of NOTIFY.
To further add further robustness, we include an additional check for
unknown opcodes, and also drop those messages early.

Add early_sanity_check() function to check for these conditions:
- Messages with more than one question, as required by RFC 9619
- NOTIFY query messages containing answer sections (like Unbound)
- NOTIFY messages containing authority sections (like Unbound)
- Unknown opcodes.
2025-02-25 10:40:38 +01:00
..
dns Drop malformed notify messages early instead of decompressing them 2025-02-25 10:40:38 +01:00
dst Move the library init and shutdown to executables 2025-02-22 16:19:00 +01:00
irs Remove C++ support from the public header 2024-12-18 13:10:39 +01:00
.clang-format Add separate .clang-format files for headers 2020-02-14 09:31:05 +01:00