mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-31 06:25:31 +00:00
Code Issues Releases Wiki Activity

3124. [bug] Use an rdataset attribute flag to indicate

Browse Source 
negative-cache records rather than using rrtype 0;
			this will prevent problems when that rrtype is
			used in actual DNS packets. [RT #24777]

3123.	[security]	Change #2912 exposed a latent flaw in
			dns_rdataset_totext() that could cause named to
			crash with an assertion failure. [RT #24777]
This commit is contained in:
Evan Hunt
2011-06-08 22:13:51 +00:00
parent 46a8315efe
commit 6de9744cf9
12 changed files with 137 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
lib/dns/nsec3.c
View File

@@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: nsec3.c,v 1.21 2011/03/12 04:59:48 tbox Exp $ */
/* $Id: nsec3.c,v 1.22 2011/06/08 22:13:50 each Exp $ */
#include <config.h>
@@ -1579,7 +1579,7 @@ dns_nsec3_delnsec3s(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name,
isc_result_t
dns_nsec3_delnsec3sx(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name,
dns_rdatatype_t type, dns_diff_t *diff)
dns_rdatatype_t privatetype, dns_diff_t *diff)
{
dns_dbnode_t *node = NULL;
dns_rdata_nsec3param_t nsec3param;
@@ -1624,9 +1624,9 @@ dns_nsec3_delnsec3sx(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name,
dns_rdataset_disassociate(&rdataset);
try_private:
if (type == 0)
if (privatetype == 0)
goto success;
result = dns_db_findrdataset(db, node, version, type, 0, 0,
result = dns_db_findrdataset(db, node, version, privatetype, 0, 0,
&rdataset, NULL);
if (result == ISC_R_NOTFOUND)
goto success;
@@ -1681,7 +1681,7 @@ dns_nsec3_active(dns_db_t *db, dns_dbversion_t *version,
isc_result_t
dns_nsec3_activex(dns_db_t *db, dns_dbversion_t *version,
isc_boolean_t complete, dns_rdatatype_t type,
isc_boolean_t complete, dns_rdatatype_t privatetype,
isc_boolean_t *answer)
{
dns_dbnode_t *node = NULL;
@@ -1730,11 +1730,11 @@ dns_nsec3_activex(dns_db_t *db, dns_dbversion_t *version,
*answer = ISC_FALSE;
try_private:
if (type == 0 || complete) {
if (privatetype == 0 || complete) {
*answer = ISC_FALSE;
return (ISC_R_SUCCESS);
}
result = dns_db_findrdataset(db, node, version, type, 0, 0,
result = dns_db_findrdataset(db, node, version, privatetype, 0, 0,
&rdataset, NULL);
dns_db_detachnode(db, &node);