Merge branch '189-fix-tsig-dump-keyfile-name-generation-issues' into 'master'

Resolve "Fix TSIG dump keyfile name generation issues" Closes #189 See merge request isc-projects/bind9!164
2025-08-31 14:35:26 +00:00 · 2018-04-11 08:37:05 -04:00
parent 7749d7945f 44b84cb5a6
commit 91683d19a8
2 changed files with 29 additions and 23 deletions
--- a/lib/dns/view.c
+++ b/lib/dns/view.c
@@ -13,8 +13,10 @@

 #include <config.h>

+#include <limits.h>
+
 #ifdef HAVE_LMDB
-#include <lmdb.h>
+ #include <lmdb.h>
 #endif

 #include <isc/file.h>
@@ -350,28 +352,28 @@ destroy(dns_view_t *view) {

 	if (view->dynamickeys != NULL) {
 		isc_result_t result;
-		char template[20];
-		char keyfile[20];
+		char template[PATH_MAX];
+		char keyfile[PATH_MAX];
 		FILE *fp = NULL;
-		int n;

-		n = snprintf(keyfile, sizeof(keyfile), "%s.tsigkeys",
-			     view->name);
-		if (n > 0 && (size_t)n < sizeof(keyfile)) {
-			result = isc_file_mktemplate(keyfile, template,
-						     sizeof(template));
-			if (result == ISC_R_SUCCESS)
-				(void)isc_file_openuniqueprivate(template, &fp);
+		result = isc_file_mktemplate(NULL, template, sizeof(template));
+		if (result == ISC_R_SUCCESS) {
+			(void)isc_file_openuniqueprivate(template, &fp);
 		}
-		if (fp == NULL)
+		if (fp == NULL) {
 			dns_tsigkeyring_detach(&view->dynamickeys);
-		else {
-			result = dns_tsigkeyring_dumpanddetach(
-							&view->dynamickeys, fp);
+		} else {
+			result = dns_tsigkeyring_dumpanddetach
+				(&view->dynamickeys, fp);
 			if (result == ISC_R_SUCCESS) {
-				if (fclose(fp) == 0)
-					result = isc_file_rename(template,
-								 keyfile);
+				if (fclose(fp) == 0) {
+					result = isc_file_sanitize
+						(NULL, view->name, "tsigkeys",
+						 keyfile, sizeof(keyfile));
+					if (result == ISC_R_SUCCESS)
+						result = isc_file_rename
+							(template, keyfile);
+				}
 				if (result != ISC_R_SUCCESS)
 					(void)remove(template);
 			} else {
@@ -905,15 +907,15 @@ dns_view_getdynamickeyring(dns_view_t *view, dns_tsig_keyring_t **ringp) {
 void
 dns_view_restorekeyring(dns_view_t *view) {
 	FILE *fp;
-	char keyfile[20];
-	int n;
+	char keyfile[PATH_MAX];
+	isc_result_t result;

 	REQUIRE(DNS_VIEW_VALID(view));

 	if (view->dynamickeys != NULL) {
-		n = snprintf(keyfile, sizeof(keyfile), "%s.tsigkeys",
-			     view->name);
-		if (n > 0 && (size_t)n < sizeof(keyfile)) {
+		result = isc_file_sanitize(NULL, view->name, "tsigkeys",
+					   keyfile, sizeof(keyfile));
+		if (result == ISC_R_SUCCESS) {
 			fp = fopen(keyfile, "r");
 			if (fp != NULL) {
 				dns_keyring_restore(view->dynamickeys, fp);
--- a/lib/isc/win32/include/isc/platform.h.in
+++ b/lib/isc/win32/include/isc/platform.h.in
@@ -24,6 +24,10 @@
 *** Network.
 ***/

+#ifndef PATH_MAX
+#define PATH_MAX _MAX_PATH
+#endif
+
 #define ISC_PLATFORM_HAVEIPV6
 #if _MSC_VER > 1200
 #define ISC_PLATFORM_HAVEIN6PKTINFO