« back to all changes in this revision
Viewing changes to bin/named/query.c
- browse files at revision 52
- compare with another revision
- download diff
- download tarball
- view history from revision 52
- Committer: Package Import Robot
- Author(s): Marc Deslauriers
- Date: 2012-10-05 09:41:37 UTC
- Revision ID: package-import@ubuntu.com-20121005094137-t8b2em7jlm4ozu1a
Tags: 1:9.8.1.dfsg.P1-4.2ubuntu3
* SECURITY UPDATE: denial of service via specific combinations of RDATA
- bin/named/query.c: fix logic
- Patch backported from 9.8.3-P4
- CVE-2012-5166
- bin/named/query.c: fix logic
- Patch backported from 9.8.3-P4
- CVE-2012-5166
- files modified:
- bin/named/query.c
added
removed
bin/named/query.c
1137
1137
mname = NULL;
1138
1138
}
1139
1139
1140
/*
1141
* If the dns_name_t we're looking up is already in the message,
1142
* we don't want to trigger the caller's name replacement logic.
1143
*/
1144
if (name == mname)
1145
mname = NULL;
1146
1147
1140
*mnamep = mname;
1148
1141
1149
1142
CTRACE("query_isduplicate: false: done");
1341
1334
if (dns_rdataset_isassociated(rdataset) &&
1342
1335
!query_isduplicate(client, fname, type, &mname)) {
1343
1336
if (mname != NULL) {
1337
INSIST(mname != fname);
1344
1338
query_releasename(client, &fname);
1345
1339
fname = mname;
1346
1340
} else
1401
1395
mname = NULL;
1402
1396
if (!query_isduplicate(client, fname,
1403
1397
dns_rdatatype_a, &mname)) {
1404
if (mname != NULL) {
1405
query_releasename(client, &fname);
1406
fname = mname;
1407
} else
1408
need_addname = ISC_TRUE;
1398
if (mname != fname) {
1399
if (mname != NULL) {
1400
query_releasename(client, &fname);
1401
fname = mname;
1402
} else
1403
need_addname = ISC_TRUE;
1404
}
1409
1405
ISC_LIST_APPEND(fname->list, rdataset, link);
1410
1406
added_something = ISC_TRUE;
1411
1407
if (sigrdataset != NULL &&
1444
1440
mname = NULL;
1445
1441
if (!query_isduplicate(client, fname,
1446
1442
dns_rdatatype_aaaa, &mname)) {
1447
if (mname != NULL) {
1448
query_releasename(client, &fname);
1449
fname = mname;
1450
} else
1451
need_addname = ISC_TRUE;
1443
if (mname != fname) {
1444
if (mname != NULL) {
1445
query_releasename(client, &fname);
1446
fname = mname;
1447
} else
1448
need_addname = ISC_TRUE;
1449
}
1452
1450
ISC_LIST_APPEND(fname->list, rdataset, link);
1453
1451
added_something = ISC_TRUE;
1454
1452
if (sigrdataset != NULL &&
1960
1958
crdataset->type == dns_rdatatype_aaaa) {
1961
1959
if (!query_isduplicate(client, fname, crdataset->type,
1962
1960
&mname)) {
1963
if (mname != NULL) {
1964
/*
1965
* A different type of this name is
1966
* already stored in the additional
1967
* section. We'll reuse the name.
1968
* Note that this should happen at most
1969
* once. Otherwise, fname->link could
1970
* leak below.
1971
*/
1972
INSIST(mname0 == NULL);
1961
if (mname != fname) {
1962
if (mname != NULL) {
1963
/*
1964
* A different type of this name is
1965
* already stored in the additional
1966
* section. We'll reuse the name.
1967
* Note that this should happen at most
1968
* once. Otherwise, fname->link could
1969
* leak below.
1970
*/
1971
INSIST(mname0 == NULL);
1973
1972
1974
query_releasename(client, &fname);
1975
fname = mname;
1976
mname0 = mname;
1977
} else
1978
need_addname = ISC_TRUE;
1973
query_releasename(client, &fname);
1974
fname = mname;
1975
mname0 = mname;
1976
} else
1977
need_addname = ISC_TRUE;
1978
}
1979
1979
ISC_LIST_UNLINK(cfname.list, crdataset, link);
1980
1980
ISC_LIST_APPEND(fname->list, crdataset, link);
1981
1981
added_something = ISC_TRUE;
Loggerhead is a web-based interface for Breezy
Version: 2.0.1