Code review request, 7155051 jndi/dns, DNS provider may return incorrect results

Xuelei Fan at
Mon Mar 19 18:47:42 PDT 2012


Please review the fix:

Cause of the issue:

The DNS provider attempts to check the XID of the response to make sure
the response received from the server matches the requested XID.  If the
response's XID does not match, the DNS provider caches the response in
case another thread needs it.  However, the response is cached with the
incorrect XID.  Therefore, when the lookup code continues, the current
request receives an incorrect response.

Xuelei Fan

More information about the security-dev mailing list