Changeset 608 for trunk/DNSDB.pm


Ignore:
Timestamp:
04/04/14 16:32:11 (10 years ago)
Author:
Kris Deugau
Message:

/trunk

To override the note in r607; NetAddr::IP will resolve hostnames or domain
names by way of gethostbyname() and use the resulting IP to create the
object. In most cases this shouldn't be an issue but some code segments
will now need an additional regex check before feeding things to NetAddr::IP
to ensure strange local DNS data doesn't cause user input to get mangled.

Fix code comment from r607; the bug is arguably in my use of NetAddr::IP
to answer "Is this an IP address?".

Remove NetAddr:IP call from a segment in dns.cgi; a simple regex check on
the zone CIDR retrieved from the database should be enough to answer "Is
this an IPv6 zone?".

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/DNSDB.pm

    r607 r608  
    37493749        ($self->{showrev_arpa} eq 'record' || $self->{showrev_arpa} eq 'all') &&
    37503750        $rec->{val} !~ /\.arpa$/ ) {
    3751       # note we're sneakily skipping all reverse zone .arpa "hostnames" on the excuse
    3752       # that this fragment won't do anything anyway.  however:
    3753       # knurd.5.0.0.0.b.0.0.b.5.b.0.b.f.e.e.b.d.a.e.d.ip6.arpa -> 192.168.7.6/32
    3754       # when fed to NetAddr::IP.  O_o  (At least 4.058, .062, and .071, on CentOS 5 and Debian wheezy and sid)
     3751      # skip all reverse zone .arpa "hostnames" since they're already .arpa names.
    37553752##enhance:  extend {showrev_arpa} eq 'record' to specify record types
    37563753      my $tmpip = new NetAddr::IP $rec->{val};
Note: See TracChangeset for help on using the changeset viewer.