mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-09-02 15:45:25 +00:00
Code Issues Releases Wiki Activity

[master] block validator deadlock and prevent use-after-free

Browse Source 
4859.	[bug]		A loop was possible when attempting to validate
			unsigned CNAME responses from secure zones;
			this caused a delay in returning SERVFAIL and
			also increased the chances of encountering
			CVE-2017-3145. [RT #46839]

4858.	[security]	Addresses could be referenced after being freed
			in resolver.c, causing an assertion failure.
			(CVE-2017-3145) [RT #46839]
This commit is contained in:
Evan Hunt
2018-01-03 19:11:18 -08:00
parent 9e6b394410
commit 053b51c4db
4 changed files with 46 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lib/dns/validator.c
View File

@@ -1100,7 +1100,8 @@ check_deadlock(dns_validator_t *val, dns_name_t *name, dns_rdatatype_t type,
for (parent = val; parent != NULL; parent = parent->parent) {
if (parent->event != NULL &&
parent->event->type == type &&
(parent->event->type == type ||
parent->event->type == dns_rdatatype_cname) &&
dns_name_equal(parent->event->name, name) &&
/*
* As NSEC3 records are meta data you sometimes