User: Password:
|
|
Subscribe / Log in / New account

Potential pitfalls in DNS handling

Potential pitfalls in DNS handling

Posted Nov 16, 2012 23:50 UTC (Fri) by Comet (subscriber, #11646)
In reply to: Potential pitfalls in DNS handling by hawk
Parent article: Potential pitfalls in DNS handling

Yes; so when you perform a reverse DNS lookup, which can return arbitrary data, it is thus your responsibility, as an application using DNS, to enforce restrictions upon that value.

If the reverse DNS for an IP contains \r\n and you emit the IP to your logs, make sure you understand what is escaped where, to ensure that your logs don't have arbitrary records injected via DNS data.


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds