From 2bdef61f35ae20a68ccf0e04087b23463e2fb904 Mon Sep 17 00:00:00 2001
From: Shreyas Zare
Date: Sun, 30 Oct 2022 17:49:38 +0530
Subject: [PATCH] AuthZoneManager: updated ResolveCNAME() to detect CNAME loops.
---
 .../Dns/ZoneManagers/AuthZoneManager.cs | 23 +++++++++++++++----
 1 file changed, 19 insertions(+), 4 deletions(-)
diff --git a/DnsServerCore/Dns/ZoneManagers/AuthZoneManager.cs b/DnsServerCore/Dns/ZoneManagers/AuthZoneManager.cs
index d3183e2a..1e13a4e9 100644
--- a/DnsServerCore/Dns/ZoneManagers/AuthZoneManager.cs
+++ b/DnsServerCore/Dns/ZoneManagers/AuthZoneManager.cs
@@ -258,19 +258,34 @@ namespace DnsServerCore.Dns.ZoneManagers
 do
 {
- if (!_root.TryGet((lastCNAME.RDATA as DnsCNAMERecordData).Domain, out AuthZoneNode zoneNode))
+ string cnameDomain = (lastCNAME.RDATA as DnsCNAMERecordData).Domain;
+ if (lastCNAME.Name.Equals(cnameDomain, StringComparison.OrdinalIgnoreCase))
+ break; //loop detected
+
+ if (!_root.TryGet(cnameDomain, out AuthZoneNode zoneNode))
 break;
 IReadOnlyList records = zoneNode.QueryRecords(question.Type, dnssecOk);
 if (records.Count < 1)
 break;
- answerRecords.AddRange(records);
-
 DnsResourceRecord lastRR = records[records.Count - 1];
-
 if (lastRR.Type != DnsResourceRecordType.CNAME)
+ {
+ answerRecords.AddRange(records);
 break;
+ }
+
+ foreach (DnsResourceRecord answerRecord in answerRecords)
+ {
+ if (answerRecord.Type != DnsResourceRecordType.CNAME)
+ continue;
+
+ if (answerRecord.RDATA.Equals(lastRR.RDATA))
+ return; //loop detected
+ }
+
+ answerRecords.AddRange(records);
 lastCNAME = lastRR;
 }
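Review bot: The two loop exits added here behave differently: the self-reference check leaves the `do` loop with `break; //loop detected`, while the scan over `answerRecords` uses `return; //loop detected` and so skips whatever follows the loop, which lies outside this hunk. If both cases are meant to yield the same partial answer, set a flag and `break` out of both loops instead; if the difference is intended, say so with a comment such as `// return: chain is cyclic, skip post-loop processing`. The second check also relies on `answerRecord.RDATA.Equals(lastRR.RDATA)`, whereas the first compares names with `StringComparison.OrdinalIgnoreCase`; that `Equals` override is not visible here, and if it is case-sensitive, a cycle whose targets differ only in letter case would go undetected. Since the loop condition is also outside the hunk, it is worth confirming that a hop limit bounds the work per query as a backstop, because the `foreach` rescans every accumulated answer on each hop.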