Blame 0001-BF-anchoring-regex-for-IP-with-at-the-end.patch
|
|
08b9eed |
From a8f963a2803acef984c66cd1910631eb06363ac1 Mon Sep 17 00:00:00 2001
|
|
|
08b9eed |
From: Yaroslav Halchenko <debian@onerussian.com>
|
|
|
08b9eed |
Date: Wed, 4 Feb 2009 15:38:11 -0500
|
|
|
08b9eed |
Subject: [PATCH] BF: anchoring regex for IP with " *$" at the end
|
|
|
08b9eed |
|
|
|
08b9eed |
to forbid matching IP encoded in the hostname prior doing actual DNS
|
|
|
08b9eed |
lookup.
|
|
|
08b9eed |
|
|
|
08b9eed |
It is quite important and actually security hazard: DoS is easy to
|
|
|
08b9eed |
perform...
|
|
|
08b9eed |
---
|
|
|
08b9eed |
server/filter.py | 2 +-
|
|
|
08b9eed |
1 files changed, 1 insertions(+), 1 deletions(-)
|
|
|
08b9eed |
|
|
|
08b9eed |
diff --git a/server/filter.py b/server/filter.py
|
|
|
08b9eed |
index 457bb03..77042ad 100644
|
|
|
08b9eed |
--- a/server/filter.py
|
|
|
08b9eed |
+++ b/server/filter.py
|
|
|
08b9eed |
@@ -492,7 +492,7 @@ import socket, struct
|
|
|
08b9eed |
|
|
|
08b9eed |
class DNSUtils:
|
|
|
08b9eed |
|
|
|
08b9eed |
- IP_CRE = re.compile("(?:\d{1,3}\.){3}\d{1,3}")
|
|
|
08b9eed |
+ IP_CRE = re.compile("(?:\d{1,3}\.){3}\d{1,3} *$")
|
|
|
08b9eed |
|
|
|
08b9eed |
#@staticmethod
|
|
|
08b9eed |
def dnsToIp(dns):
|
|
|
08b9eed |
--
|
|
|
08b9eed |
1.5.6.5
|
|
|
08b9eed |
|