resolved: enforce maximum limit on DNS transactions
given that DNSSEC lookups may result in quite a number of auxiliary transactions, let's better be safe than sorry and also enforce a limit on the number of total transactions, not just on the number of queries.
This commit is contained in:
parent
8f4560c7b9
commit
b214dc0f68
|
@ -31,6 +31,8 @@
|
|||
#include "resolved-llmnr.h"
|
||||
#include "string-table.h"
|
||||
|
||||
#define TRANSACTIONS_MAX 4096
|
||||
|
||||
static void dns_transaction_reset_answer(DnsTransaction *t) {
|
||||
assert(t);
|
||||
|
||||
|
@ -153,6 +155,9 @@ int dns_transaction_new(DnsTransaction **ret, DnsScope *s, DnsResourceKey *key)
|
|||
if (key->class != DNS_CLASS_IN && key->class != DNS_CLASS_ANY)
|
||||
return -EOPNOTSUPP;
|
||||
|
||||
if (hashmap_size(s->manager->dns_transactions) >= TRANSACTIONS_MAX)
|
||||
return -EBUSY;
|
||||
|
||||
r = hashmap_ensure_allocated(&s->manager->dns_transactions, NULL);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
|
Loading…
Reference in New Issue