svn commit: r236588 - in vendor/bind9/dist-9.6: . lib/dns

Doug Barton dougb at FreeBSD.org
Mon Jun 4 22:19:10 UTC 2012 

Author: dougb
Date: Mon Jun  4 22:19:09 2012
New Revision: 236588
URL: http://svn.freebsd.org/changeset/base/236588

Log:
  Vendor import of BIND 9.6-ESV-R7-P1

Modified:
  vendor/bind9/dist-9.6/CHANGES
  vendor/bind9/dist-9.6/lib/dns/rdata.c
  vendor/bind9/dist-9.6/lib/dns/rdataslab.c
  vendor/bind9/dist-9.6/version

Modified: vendor/bind9/dist-9.6/CHANGES
==============================================================================
--- vendor/bind9/dist-9.6/CHANGES	Mon Jun  4 22:14:33 2012	(r236587)
+++ vendor/bind9/dist-9.6/CHANGES	Mon Jun  4 22:19:09 2012	(r236588)
@@ -1,3 +1,8 @@
+	--- 9.6-ESV-R7-P1 released ---
+
+3331.	[security]	dns_rdataslab_fromrdataset could produce bad
+			rdataslabs. [RT #29644]
+
 	--- 9.6-ESV-R7 released ---
 
 3318.	[tuning]	Reduce the amount of work performed while holding a

Modified: vendor/bind9/dist-9.6/lib/dns/rdata.c
==============================================================================
--- vendor/bind9/dist-9.6/lib/dns/rdata.c	Mon Jun  4 22:14:33 2012	(r236587)
+++ vendor/bind9/dist-9.6/lib/dns/rdata.c	Mon Jun  4 22:19:09 2012	(r236588)
@@ -345,8 +345,8 @@ dns_rdata_compare(const dns_rdata_t *rda
 
 	REQUIRE(rdata1 != NULL);
 	REQUIRE(rdata2 != NULL);
-	REQUIRE(rdata1->data != NULL);
-	REQUIRE(rdata2->data != NULL);
+	REQUIRE(rdata1->length == 0 || rdata1->data != NULL);
+	REQUIRE(rdata2->length == 0 || rdata2->data != NULL);
 	REQUIRE(DNS_RDATA_VALIDFLAGS(rdata1));
 	REQUIRE(DNS_RDATA_VALIDFLAGS(rdata2));
 

Modified: vendor/bind9/dist-9.6/lib/dns/rdataslab.c
==============================================================================
--- vendor/bind9/dist-9.6/lib/dns/rdataslab.c	Mon Jun  4 22:14:33 2012	(r236587)
+++ vendor/bind9/dist-9.6/lib/dns/rdataslab.c	Mon Jun  4 22:19:09 2012	(r236588)
@@ -126,6 +126,11 @@ isc_result_t
 dns_rdataslab_fromrdataset(dns_rdataset_t *rdataset, isc_mem_t *mctx,
 			   isc_region_t *region, unsigned int reservelen)
 {
+	/*
+	 * Use &removed as a sentinal pointer for duplicate
+	 * rdata as rdata.data == NULL is valid.
+	 */
+	static unsigned char removed;
 	struct xrdata  *x;
 	unsigned char  *rawbuf;
 #if DNS_RDATASET_FIXED
@@ -165,6 +170,7 @@ dns_rdataslab_fromrdataset(dns_rdataset_
 		INSIST(result == ISC_R_SUCCESS);
 		dns_rdata_init(&x[i].rdata);
 		dns_rdataset_current(rdataset, &x[i].rdata);
+		INSIST(x[i].rdata.data != &removed);
 #if DNS_RDATASET_FIXED
 		x[i].order = i;
 #endif
@@ -197,8 +203,7 @@ dns_rdataslab_fromrdataset(dns_rdataset_
 	 */
 	for (i = 1; i < nalloc; i++) {
 		if (compare_rdata(&x[i-1].rdata, &x[i].rdata) == 0) {
-			x[i-1].rdata.data = NULL;
-			x[i-1].rdata.length = 0;
+			x[i-1].rdata.data = &removed;
 #if DNS_RDATASET_FIXED
 			/*
 			 * Preserve the least order so A, B, A -> A, B
@@ -285,7 +290,7 @@ dns_rdataslab_fromrdataset(dns_rdataset_
 #endif
 
 	for (i = 0; i < nalloc; i++) {
-		if (x[i].rdata.data == NULL)
+		if (x[i].rdata.data == &removed)
 			continue;
 #if DNS_RDATASET_FIXED
 		offsettable[x[i].order] = rawbuf - offsetbase;

Modified: vendor/bind9/dist-9.6/version
==============================================================================
--- vendor/bind9/dist-9.6/version	Mon Jun  4 22:14:33 2012	(r236587)
+++ vendor/bind9/dist-9.6/version	Mon Jun  4 22:19:09 2012	(r236588)
@@ -7,4 +7,4 @@ MAJORVER=9
 MINORVER=6
 PATCHVER=
 RELEASETYPE=-ESV
-RELEASEVER=-R7
+RELEASEVER=-R7-P1

More information about the svn-src-all mailing list