d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Upgrade to 9.8.3-P1, the latest from ISC. This version contains

Browse Source 
a critical bugfix:

  Processing of DNS resource records where the rdata field is zero length
  may cause various issues for the servers handling them.

  Processing of these records may lead to unexpected outcomes. Recursive
  servers may crash or disclose some portion of memory to the client.
  Secondary servers may crash on restart after transferring a zone
  containing these records. Master servers may corrupt zone data if the
  zone option "auto-dnssec" is set to "maintain". Other unexpected
  problems that are not listed here may also be encountered.

All BIND users are strongly encouraged to upgrade.
This commit is contained in:
Doug Barton 2012-06-04 22:11:20 +00:00
commit fe5cfeb46b
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=236586
4 changed files with 19 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
contrib/bind9/CHANGES
View File

@ -1,3 +1,8 @@
--- 9.8.3-P1 released ---
3331. [security] dns_rdataslab_fromrdataset could produce bad
rdataslabs. [RT #29644]
--- 9.8.3 released ---
3318. [tuning] Reduce the amount of work performed while holding a

8
contrib/bind9/lib/dns/rdata.c
View File

@ -329,8 +329,8 @@ dns_rdata_compare(const dns_rdata_t *rdata1, const dns_rdata_t *rdata2) {
REQUIRE(rdata1 != NULL);
REQUIRE(rdata2 != NULL);
REQUIRE(rdata1->data != NULL);
REQUIRE(rdata2->data != NULL);
REQUIRE(rdata1->length == 0 || rdata1->data != NULL);
REQUIRE(rdata2->length == 0 || rdata2->data != NULL);
REQUIRE(DNS_RDATA_VALIDFLAGS(rdata1));
REQUIRE(DNS_RDATA_VALIDFLAGS(rdata2));
@ -360,8 +360,8 @@ dns_rdata_casecompare(const dns_rdata_t *rdata1, const dns_rdata_t *rdata2) {
REQUIRE(rdata1 != NULL);
REQUIRE(rdata2 != NULL);
REQUIRE(rdata1->data != NULL);
REQUIRE(rdata2->data != NULL);
REQUIRE(rdata1->length == 0 || rdata1->data != NULL);
REQUIRE(rdata2->length == 0 || rdata2->data != NULL);
REQUIRE(DNS_RDATA_VALIDFLAGS(rdata1));
REQUIRE(DNS_RDATA_VALIDFLAGS(rdata2));

11
contrib/bind9/lib/dns/rdataslab.c
View File

@ -126,6 +126,11 @@ isc_result_t
dns_rdataslab_fromrdataset(dns_rdataset_t *rdataset, isc_mem_t *mctx,
isc_region_t *region, unsigned int reservelen)
{
/*
* Use &removed as a sentinal pointer for duplicate
* rdata as rdata.data == NULL is valid.
*/
static unsigned char removed;
struct xrdata *x;
unsigned char *rawbuf;
#if DNS_RDATASET_FIXED
@ -169,6 +174,7 @@ dns_rdataslab_fromrdataset(dns_rdataset_t *rdataset, isc_mem_t *mctx,
INSIST(result == ISC_R_SUCCESS);
dns_rdata_init(&x[i].rdata);
dns_rdataset_current(rdataset, &x[i].rdata);
INSIST(x[i].rdata.data != &removed);
#if DNS_RDATASET_FIXED
x[i].order = i;
#endif
@ -201,8 +207,7 @@ dns_rdataslab_fromrdataset(dns_rdataset_t *rdataset, isc_mem_t *mctx,
*/
for (i = 1; i < nalloc; i++) {
if (compare_rdata(&x[i-1].rdata, &x[i].rdata) == 0) {
x[i-1].rdata.data = NULL;
x[i-1].rdata.length = 0;
x[i-1].rdata.data = &removed;
#if DNS_RDATASET_FIXED
/*
* Preserve the least order so A, B, A -> A, B
@ -292,7 +297,7 @@ dns_rdataslab_fromrdataset(dns_rdataset_t *rdataset, isc_mem_t *mctx,
#endif
for (i = 0; i < nalloc; i++) {
if (x[i].rdata.data == NULL)
if (x[i].rdata.data == &removed)
continue;
#if DNS_RDATASET_FIXED
offsettable[x[i].order] = rawbuf - offsetbase;

4
contrib/bind9/version
View File

@ -6,5 +6,5 @@
MAJORVER=9
MINORVER=8
PATCHVER=3
RELEASETYPE=
RELEASEVER=
RELEASETYPE=-P
RELEASEVER=1