resolved: enforce maximum limit on DNS transactions
given that DNSSEC lookups may result in quite a number of auxiliary transactions, let's better be safe than sorry and also enforce a limit on the number of total transactions, not just on the number of queries.
This commit is contained in:
parent
8f4560c7b9
commit
b214dc0f68
|
@ -31,6 +31,8 @@
|
||||||
#include "resolved-llmnr.h"
|
#include "resolved-llmnr.h"
|
||||||
#include "string-table.h"
|
#include "string-table.h"
|
||||||
|
|
||||||
|
#define TRANSACTIONS_MAX 4096
|
||||||
|
|
||||||
static void dns_transaction_reset_answer(DnsTransaction *t) {
|
static void dns_transaction_reset_answer(DnsTransaction *t) {
|
||||||
assert(t);
|
assert(t);
|
||||||
|
|
||||||
|
@ -153,6 +155,9 @@ int dns_transaction_new(DnsTransaction **ret, DnsScope *s, DnsResourceKey *key)
|
||||||
if (key->class != DNS_CLASS_IN && key->class != DNS_CLASS_ANY)
|
if (key->class != DNS_CLASS_IN && key->class != DNS_CLASS_ANY)
|
||||||
return -EOPNOTSUPP;
|
return -EOPNOTSUPP;
|
||||||
|
|
||||||
|
if (hashmap_size(s->manager->dns_transactions) >= TRANSACTIONS_MAX)
|
||||||
|
return -EBUSY;
|
||||||
|
|
||||||
r = hashmap_ensure_allocated(&s->manager->dns_transactions, NULL);
|
r = hashmap_ensure_allocated(&s->manager->dns_transactions, NULL);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
|
|
Loading…
Reference in New Issue