From bc71fb3f360111a280a9e75fa4b6f9b8b8d7898c Mon Sep 17 00:00:00 2001
From: Jilles Tjoelker
Date: Wed, 2 Jan 2008 22:32:09 +0100
Subject: [PATCH] Only accept 127.0.0.x as a dnsbl listing.

---
 src/blacklist.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/blacklist.c b/src/blacklist.c
index 382ea91..5054dfa 100644
--- a/src/blacklist.c
+++ b/src/blacklist.c
@@ -65,6 +65,7 @@ static struct Blacklist *find_blacklist(char *name)
 static void blacklist_dns_callback(void *vptr, struct DNSReply *reply)
 {
 struct BlacklistClient *blcptr = (struct BlacklistClient *) vptr;
+ int listed = 0;
 
 if (blcptr == NULL || blcptr->client_p == NULL)
 return;
@@ -77,8 +78,15 @@ static void blacklist_dns_callback(void *vptr, struct DNSReply *reply)
 return;
 }
 
+ if (reply != NULL)
+ {
+ /* only accept 127.0.0.x as a listing */
+ listed = reply->addr.ss_family == AF_INET &&
+ !memcmp(&((struct sockaddr_in *)&reply->addr)->sin_addr, "\177\0\0", 3);
+ }
+
 /* they have a blacklist entry for this client */
- if (reply != NULL && blcptr->client_p->preClient->dnsbl_listed == NULL)
+ if (listed && blcptr->client_p->preClient->dnsbl_listed == NULL)
 {
 blcptr->client_p->preClient->dnsbl_listed = blcptr->blacklist;
 /* reference to blacklist moves from blcptr to client_p->preClient... */
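Review bot: In the new `if (reply != NULL)` block of the second hunk, a non-NULL answer outside 127.0.0.0/24 leaves `listed` at 0 and the client is treated as clean with no trace, so a blacklist zone that has expired, been wildcarded, or is being rewritten by the resolver now fails open silently. An `else` path that reports the blacklist and the unexpected address to operators (rate-limited) would let a broken list be noticed instead of quietly ignored. The byte comparison against `"\177\0\0"` is also hard to audit; with a named `sin` pointer, `(ntohl(sin->sin_addr.s_addr) & 0xffffff00) == 0x7f000000` states the /24 directly, or at minimum the comment could read `/* only accept 127.0.0.x as a listing; any other answer (wildcard, error code) is not a hit */`. The body of blacklist_dns_callback starts and continues outside the hunk, so whether existing logging already covers this case cannot be seen here.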