Possible System Compromise

Daniel Roesen droesen at entire-systems.com
Mon Feb 12 11:49:59 UTC 2001


On Mon, Feb 12, 2001 at 12:21:46PM +1100, Mark.Andrews at nominum.com wrote:
> -	if (bind(sp->s_rfd, (struct sockaddr *)&server_options->query_source,
> -		 sizeof server_options->query_source) < 0)
> +	src = server_options->query_source;
> +	src.sin_port = htons(0);
> +	if (bind(sp->s_rfd, (struct sockaddr *)&src, sizeof(src)) < 0)

If I'm not mistaken this patch makes BIND ignore query-source port
completely for TCP queries and always use 0 (INPORT_ANY)? This
should get documented, then.


Best regards,
Daniel

-- 
----------------------------------------------------------------------
entire systems GmbH         | droesen at entire-systems.com
Internet Services           | Phone: +49 2624 9550-55 
Ferbachstrasse 12           | Fax:   +49 2624 9550-20
D-56203 Hoehr-Grenzhausen   | http://www.entire-systems.com/
----------------------------------------------------------------------


More information about the bind-users mailing list