mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-31 06:25:31 +00:00
Code Issues Releases Wiki Activity

Don't permit loading meta RR types such as TKEY from master files (#47009)

Browse Source
This commit is contained in:
Mukund Sivaraman
2018-01-22 14:26:04 +05:30
parent 63d0c6a3fc
commit 8a4ce20172
8 changed files with 97 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
lib/ns/update.c
View File

@@ -2796,7 +2796,8 @@ update_action(isc_task_t *task, isc_event_t *event) {
if (update_class == zoneclass) {
/*
* RFC1123 doesn't allow MF and MD in master zones. */
* RFC1123 doesn't allow MF and MD in master zones.
*/
if (rdata.type == dns_rdatatype_md ||
rdata.type == dns_rdatatype_mf) {
char typebuf[DNS_RDATATYPE_FORMATSIZE];
@@ -2885,7 +2886,9 @@ update_action(isc_task_t *task, isc_event_t *event) {
* Ignore attempts to add NSEC3PARAM records
* with any flags other than OPTOUT.
*/
if ((rdata.data[1] & ~DNS_NSEC3FLAG_OPTOUT) != 0) {
if ((rdata.data[1] &
~DNS_NSEC3FLAG_OPTOUT) != 0)
{
update_log(client, zone,
LOGLEVEL_PROTOCOL,
"attempt to add NSEC3PARAM "