Git-Mirrors/DivestOS
1
0
Fork 0
mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2024-10-01 01:35:54 -04:00
Code Issues Packages Projects Releases Wiki Activity

Ensure localhost has a correct response when hosts_disable is set

Browse Source 
To prevent a bad response from a malicious DNS upstream

Signed-off-by: Tad <tad@spotco.us>
This commit is contained in:
Tad 2022-04-20 21:09:28 -04:00
parent c2e60b94bb
commit 879256139f
2 changed files with 13 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
Patches/LineageOS-18.1/android_bionic/0003-hosts_toggle.patch
View File

@ -1,4 +1,4 @@
From f5cc53d8d4dfcffe5d1c7b029078803112e79919 Mon Sep 17 00:00:00 2001 From f4290ee3eceb3843429255aeae9a86dc19b24312 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us> From: Tad <tad@spotco.us>
Date: Wed, 20 Apr 2022 00:40:52 -0400 Date: Wed, 20 Apr 2022 00:40:52 -0400
Subject: [PATCH] Add a toggle to disable /etc/hosts lookup Subject: [PATCH] Add a toggle to disable /etc/hosts lookup
@ -10,7 +10,7 @@ Change-Id: I92679c57e73228dc194e61a86ea1a18b2ac90e04
1 file changed, 6 insertions(+) 1 file changed, 6 insertions(+)
diff --git a/libc/dns/net/getaddrinfo.c b/libc/dns/net/getaddrinfo.c diff --git a/libc/dns/net/getaddrinfo.c b/libc/dns/net/getaddrinfo.c
index cc94b21e2..36c887a38 100644 index cc94b21e2..12294da04 100644
--- a/libc/dns/net/getaddrinfo.c --- a/libc/dns/net/getaddrinfo.c
+++ b/libc/dns/net/getaddrinfo.c +++ b/libc/dns/net/getaddrinfo.c
@@ -83,6 +83,7 @@ @@ -83,6 +83,7 @@
@ -21,18 +21,18 @@ index cc94b21e2..36c887a38 100644
#include <sys/un.h> #include <sys/un.h>
#include <net/if.h> #include <net/if.h>
#include <netinet/in.h> #include <netinet/in.h>
@@ -2118,6 +2119,11 @@ found: @@ -2127,6 +2128,11 @@ _files_getaddrinfo(void *rv, void *cb_data, va_list ap)
static int name = va_arg(ap, char *);
_files_getaddrinfo(void *rv, void *cb_data, va_list ap) pai = va_arg(ap, struct addrinfo *);
{
+ char value[PROP_VALUE_MAX] = { 0 }; + char value[PROP_VALUE_MAX] = { 0 };
+ if (__system_property_get("persist.security.hosts_disable", value) != 0) + if (__system_property_get("persist.security.hosts_disable", value) != 0)
+ if (atoi(value) != 0) + if (atoi(value) != 0 && strcmp(name, "localhost") != 0 && strcmp(name, "ip6-localhost") != 0)
+ return NS_NOTFOUND; + return NS_NOTFOUND;
+ +
const char *name; memset(&sentinel, 0, sizeof(sentinel));
const struct addrinfo *pai; cur = &sentinel;
struct addrinfo sentinel, *cur; int gai_error = hc_getaddrinfo(name, NULL, pai, &cur);
-- --
2.36.0 2.36.0

6
Patches/LineageOS-18.1/android_packages_modules_DnsResolver/0001-hosts_toggle.patch
View File

@ -1,4 +1,4 @@
From 738d94379dccd89de898b2de0d4ad97a57d8c8f8 Mon Sep 17 00:00:00 2001 From 91bae24269ae01b7c4508276e21e7417c24ce5e4 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us> From: Tad <tad@spotco.us>
Date: Wed, 20 Apr 2022 00:40:53 -0400 Date: Wed, 20 Apr 2022 00:40:53 -0400
Subject: [PATCH] Add a toggle to disable /etc/hosts lookup Subject: [PATCH] Add a toggle to disable /etc/hosts lookup
@ -10,7 +10,7 @@ Change-Id: Iea165003474e1107dc77980985bf9928c369dbb5
1 file changed, 4 insertions(+) 1 file changed, 4 insertions(+)
diff --git a/getaddrinfo.cpp b/getaddrinfo.cpp diff --git a/getaddrinfo.cpp b/getaddrinfo.cpp
index 071f6ac..14891fc 100644 index 071f6ac..955b5c2 100644
--- a/getaddrinfo.cpp --- a/getaddrinfo.cpp
+++ b/getaddrinfo.cpp +++ b/getaddrinfo.cpp
@@ -57,6 +57,7 @@ @@ -57,6 +57,7 @@
@ -25,7 +25,7 @@ index 071f6ac..14891fc 100644
static bool files_getaddrinfo(const size_t netid, const char* name, const addrinfo* pai, static bool files_getaddrinfo(const size_t netid, const char* name, const addrinfo* pai,
addrinfo** res) { addrinfo** res) {
+ if (android::base::GetIntProperty("persist.security.hosts_disable", 0) != 0) + if (android::base::GetIntProperty("persist.security.hosts_disable", 0) != 0 && name != "localhost" && name != "ip6-localhost")
+ return false; + return false;
+ +
struct addrinfo sentinel = {}; struct addrinfo sentinel = {};