src - FreeBSD source tree

diff options


context:
space:
mode:

author	Doug Barton <dougb@FreeBSD.org>	2012-06-04 22:06:29 +0000
committer	Doug Barton <dougb@FreeBSD.org>	2012-06-04 22:06:29 +0000
commit	e65e77db6fba1c7be79358863fdbc6d098cef082 (patch)
tree	d529b50a61c8994f1bfeebf8220f6832f3a76810
parent	084de27e02affbe7c588e0fcc0d061a466e83627 (diff)

Vendor import of BIND 9.8.3-P1vendor/bind9/9.8.3-P1

Notes

Notes: svn path=/vendor/bind9/dist/; revision=236584 svn path=/vendor/bind9/9.8.3-P1/; revision=236585; tag=vendor/bind9/9.8.3-P1

-rw-r--r--

-rw-r--r--

-rw-r--r--

-rw-r--r--

4 files changed, 19 insertions, 9 deletions

diff --git a/CHANGES b/CHANGES
index e8cfbfe379d0..0b0d7c052fc4 100644
--- a/CHANGES
+++ b/CHANGES

@@ -1,3 +1,8 @@

+ --- 9.8.3-P1 released ---

+3331. [security] dns_rdataslab_fromrdataset could produce bad

+ rdataslabs. [RT #29644]

--- 9.8.3 released ---

3318. [tuning] Reduce the amount of work performed while holding a

diff --git a/lib/dns/rdata.c b/lib/dns/rdata.c
index 8773145ed6f5..f6807d1a4003 100644
--- a/lib/dns/rdata.c
+++ b/lib/dns/rdata.c

@@ -329,8 +329,8 @@ dns_rdata_compare(const dns_rdata_t *rdata1, const dns_rdata_t *rdata2) {

REQUIRE(rdata1 != NULL);

REQUIRE(rdata2 != NULL);

- REQUIRE(rdata1->data != NULL);

- REQUIRE(rdata2->data != NULL);

+ REQUIRE(rdata1->length == 0 || rdata1->data != NULL);

+ REQUIRE(rdata2->length == 0 || rdata2->data != NULL);

REQUIRE(DNS_RDATA_VALIDFLAGS(rdata1));

REQUIRE(DNS_RDATA_VALIDFLAGS(rdata2));

@@ -360,8 +360,8 @@ dns_rdata_casecompare(const dns_rdata_t *rdata1, const dns_rdata_t *rdata2) {

REQUIRE(rdata1 != NULL);

REQUIRE(rdata2 != NULL);

- REQUIRE(rdata1->data != NULL);

- REQUIRE(rdata2->data != NULL);

+ REQUIRE(rdata1->length == 0 || rdata1->data != NULL);

+ REQUIRE(rdata2->length == 0 || rdata2->data != NULL);

REQUIRE(DNS_RDATA_VALIDFLAGS(rdata1));

REQUIRE(DNS_RDATA_VALIDFLAGS(rdata2));

diff --git a/lib/dns/rdataslab.c b/lib/dns/rdataslab.c
index 150d9b8d4c8a..6fbfdd715c92 100644
--- a/lib/dns/rdataslab.c
+++ b/lib/dns/rdataslab.c

@@ -126,6 +126,11 @@ isc_result_t

dns_rdataslab_fromrdataset(dns_rdataset_t *rdataset, isc_mem_t *mctx,

isc_region_t *region, unsigned int reservelen)

{

+ /*

+ * Use &removed as a sentinal pointer for duplicate

+ * rdata as rdata.data == NULL is valid.

+ */

+ static unsigned char removed;

struct xrdata *x;

unsigned char *rawbuf;

#if DNS_RDATASET_FIXED

@@ -169,6 +174,7 @@ dns_rdataslab_fromrdataset(dns_rdataset_t *rdataset, isc_mem_t *mctx,

INSIST(result == ISC_R_SUCCESS);

dns_rdata_init(&x[i].rdata);

dns_rdataset_current(rdataset, &x[i].rdata);

+ INSIST(x[i].rdata.data != &removed);

#if DNS_RDATASET_FIXED

x[i].order = i;

#endif

@@ -201,8 +207,7 @@ dns_rdataslab_fromrdataset(dns_rdataset_t *rdataset, isc_mem_t *mctx,

for (i = 1; i < nalloc; i++) {

if (compare_rdata(&x[i-1].rdata, &x[i].rdata) == 0) {

- x[i-1].rdata.data = NULL;

- x[i-1].rdata.length = 0;

+ x[i-1].rdata.data = &removed;

#if DNS_RDATASET_FIXED

* Preserve the least order so A, B, A -> A, B

@@ -292,7 +297,7 @@ dns_rdataslab_fromrdataset(dns_rdataset_t *rdataset, isc_mem_t *mctx,

#endif

for (i = 0; i < nalloc; i++) {

- if (x[i].rdata.data == NULL)

+ if (x[i].rdata.data == &removed)

continue;

#if DNS_RDATASET_FIXED

offsettable[x[i].order] = rawbuf - offsetbase;

diff --git a/version b/version
index 0f23b2e0d821..63b02cfe4998 100644
--- a/version
+++ b/version

@@ -6,5 +6,5 @@

MAJORVER=9

MINORVER=8

PATCHVER=3

-RELEASETYPE=

-RELEASEVER=

+RELEASETYPE=-P

+RELEASEVER=1