From a8f963a2803acef984c66cd1910631eb06363ac1 Mon Sep 17 00:00:00 2001 From: Yaroslav Halchenko Date: Wed, 4 Feb 2009 15:38:11 -0500 Subject: [PATCH] BF: anchoring regex for IP with " *$" at the end to forbid matching IP encoded in the hostname prior doing actual DNS lookup. It is quite important and actually security hazard: DoS is easy to perform... --- server/filter.py | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/server/filter.py b/server/filter.py index 457bb03..77042ad 100644 --- a/server/filter.py +++ b/server/filter.py @@ -492,7 +492,7 @@ import socket, struct class DNSUtils: - IP_CRE = re.compile("(?:\d{1,3}\.){3}\d{1,3}") + IP_CRE = re.compile("(?:\d{1,3}\.){3}\d{1,3} *$") #@staticmethod def dnsToIp(dns): -- 1.5.6.5