Code review request, 7155051 jndi/dns, DNS provider may return incorrect results

Chris Hegarty chris.hegarty at
Mon Mar 19 22:13:22 PDT 2012

On 19/03/12 18:47, Xuelei Fan wrote:
> Hi,
> Please review the fix:
> webrev:

Wow, strange this wasn't seen before.

The change looks fine to me.


> Cause of the issue:
> The DNS provider attempts to check the XID of the response to make sure
> the response received from the server matches the requested XID.  If the
> response's XID does not match, the DNS provider caches the response in
> case another thread needs it.  However, the response is cached with the
> incorrect XID.  Therefore, when the lookup code continues, the current
> request receives an incorrect response.
> Thanks,
> Xuelei Fan

More information about the security-dev mailing list