Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-1-6]: src/dist/bind/bin/named Pull up revision 1.3 (requested by ...
details: https://anonhg.NetBSD.org/src/rev/d5d2fdf0b53c
branches: netbsd-1-6
changeset: 528132:d5d2fdf0b53c
user: lukem <lukem%NetBSD.org@localhost>
date: Fri Jun 28 11:30:32 2002 +0000
description:
Pull up revision 1.3 (requested by itojun in ticket #387):
Update to BIND 8.3.3. Fixes buffer overrun in resolver code.
diffstat:
dist/bind/bin/named/db_lookup.c | 6 +-
dist/bind/bin/named/db_save.c | 10 +++-
dist/bind/bin/named/db_sec.c | 92 +++++++++++++++-------------------------
dist/bind/bin/named/db_tsig.c | 8 +-
4 files changed, 49 insertions(+), 67 deletions(-)
diffs (truncated from 367 to 300 lines):
diff -r 5349d68dbefa -r d5d2fdf0b53c dist/bind/bin/named/db_lookup.c
--- a/dist/bind/bin/named/db_lookup.c Fri Jun 28 11:30:22 2002 +0000
+++ b/dist/bind/bin/named/db_lookup.c Fri Jun 28 11:30:32 2002 +0000
@@ -1,8 +1,8 @@
-/* $NetBSD: db_lookup.c,v 1.2 2001/01/27 07:21:58 itojun Exp $ */
+/* $NetBSD: db_lookup.c,v 1.2.2.1 2002/06/28 11:30:32 lukem Exp $ */
#if !defined(lint) && !defined(SABER)
static const char sccsid[] = "@(#)db_lookup.c 4.18 (Berkeley) 3/21/91";
-static const char rcsid[] = "Id: db_lookup.c,v 8.26 2000/04/21 06:54:03 vixie Exp";
+static const char rcsid[] = "Id: db_lookup.c,v 8.27 2001/06/18 14:42:55 marka Exp";
#endif /* not lint */
/*
@@ -260,7 +260,7 @@
return (0);
if (dp->d_type != type && dp->d_type != T_SIG && type != T_ANY)
return (0);
- if (type != T_SIG && dp->d_type == T_SIG && SIG_COVERS(dp) != type)
+ if (type != T_SIG && dp->d_type == T_SIG && (int)SIG_COVERS(dp) != type)
return (0);
return (1);
}
diff -r 5349d68dbefa -r d5d2fdf0b53c dist/bind/bin/named/db_save.c
--- a/dist/bind/bin/named/db_save.c Fri Jun 28 11:30:22 2002 +0000
+++ b/dist/bind/bin/named/db_save.c Fri Jun 28 11:30:32 2002 +0000
@@ -1,8 +1,8 @@
-/* $NetBSD: db_save.c,v 1.2 2001/01/27 07:21:58 itojun Exp $ */
+/* $NetBSD: db_save.c,v 1.2.2.1 2002/06/28 11:30:42 lukem Exp $ */
#if !defined(lint) && !defined(SABER)
static const char sccsid[] = "@(#)db_save.c 4.16 (Berkeley) 3/21/91";
-static const char rcsid[] = "Id: db_save.c,v 8.28 2000/11/29 06:55:48 marka Exp";
+static const char rcsid[] = "Id: db_save.c,v 8.30 2002/05/18 01:02:56 marka Exp";
#endif /* not lint */
/*
@@ -139,7 +139,7 @@
int size;
{
struct databuf *dp;
- int bytes = DATASIZE(size);
+ int bytes = BIND_DATASIZE(size);
dp = (struct databuf *)memget(bytes);
if (dp == NULL)
@@ -160,6 +160,10 @@
dp->d_rcode = NOERROR;
dp->d_addr.s_addr = htonl(0);
dp->d_nstime = 0;
+ dp->d_rcnt = 1;
+#ifdef CHECK_MAGIC
+ dp->d_magic = DATABUF_MAGIC;
+#endif
memcpy(dp->d_data, data, dp->d_size);
return (dp);
}
diff -r 5349d68dbefa -r d5d2fdf0b53c dist/bind/bin/named/db_sec.c
--- a/dist/bind/bin/named/db_sec.c Fri Jun 28 11:30:22 2002 +0000
+++ b/dist/bind/bin/named/db_sec.c Fri Jun 28 11:30:32 2002 +0000
@@ -1,8 +1,8 @@
-/* $NetBSD: db_sec.c,v 1.2 2001/01/27 07:21:58 itojun Exp $ */
+/* $NetBSD: db_sec.c,v 1.2.2.1 2002/06/28 11:30:52 lukem Exp $ */
#if !defined(lint) && !defined(SABER)
-static const char rcsid[] = "Id: db_sec.c,v 8.32 2000/12/23 08:14:36 vixie Exp";
+static const char rcsid[] = "Id: db_sec.c,v 8.35 2001/06/18 14:42:57 marka Exp";
#endif /* not lint */
/*
@@ -141,7 +141,7 @@
tree_srch_pubkey (const char *name) {
struct zpubkey tkey, *key;
- tkey.zpk_name = (char *) name;
+ DE_CONST(name, tkey.zpk_name);
if (trusted_keys == NULL) {
tree_init(&trusted_keys);
return (NULL);
@@ -272,7 +272,7 @@
case ns_t_soa:
case ns_t_minfo:
case ns_t_rp:
- if (eob - bp < strlen((char *)cp) + 1)
+ if (eob - bp < (int)strlen((char *)cp) + 1)
return (-1);
if (ns_name_pton((char *)cp, buf, sizeof buf) < 0)
return (-1);
@@ -282,7 +282,7 @@
bp += len;
cp += strlen((char *)cp) + 1;
- if (eob - bp < strlen((char *)cp) + 1)
+ if (eob - bp < (int)strlen((char *)cp) + 1)
return (-1);
if (ns_name_pton((char *)cp, buf, sizeof buf) < 0)
return (-1);
@@ -309,7 +309,7 @@
case ns_t_mr:
case ns_t_ptr:
case ns_t_nxt:
- if (eob - bp < strlen((char *)cp) + 1)
+ if (eob - bp < (int)strlen((char *)cp) + 1)
return (-1);
if (ns_name_pton((char *)cp, buf, sizeof buf) < 0)
return (-1);
@@ -345,7 +345,7 @@
bp += INT16SZ;
cp += INT16SZ;
- if (eob - bp < strlen((char *)cp) + 1)
+ if (eob - bp < (int)strlen((char *)cp) + 1)
return (-1);
if (ns_name_pton((char *)cp, buf, sizeof buf) < 0)
return (-1);
@@ -356,7 +356,7 @@
cp += strlen((char *)cp) + 1;
if (dp->d_type == ns_t_px) {
- if (eob - bp < strlen((char *)cp) + 1)
+ if (eob - bp < (int)strlen((char *)cp) + 1)
return (-1);
if (ns_name_pton((char *)cp, buf, sizeof buf) < 0)
return (-1);
@@ -475,7 +475,7 @@
}
}
-int
+static int
verify_set(struct db_rrset *rrset) {
DST_KEY *key = NULL;
struct sig_record *sigdata;
@@ -529,13 +529,13 @@
* Don't verify a set if the SIG inception time is in
* the future. This should be fixed before 2038 (BEW)
*/
- if (ntohl(sigdata->sig_time_n) > now)
+ if ((time_t)ntohl(sigdata->sig_time_n) > now)
continue;
/* An expired set is dropped, but the data is not. */
- if (ntohl(sigdata->sig_exp_n) < now) {
- db_freedata(sigdp);
- sigdn->dp = NULL;
+ if ((time_t)ntohl(sigdata->sig_exp_n) < now) {
+ db_detach(&sigdn->dp);
+ sigdp = NULL;
continue;
}
@@ -717,8 +717,8 @@
if (ret < 0) {
dnssec_failed++;
- db_freedata(sigdp);
- sigdn->dp = NULL;
+ db_detach(&sigdn->dp);
+ sigdp = NULL;
}
else
dnssec_succeeded++;
@@ -748,40 +748,27 @@
}
static void
-rrset_free_partial(struct db_rrset *rrset, int free_data, struct dnode *start) {
+rrset_free(struct db_rrset *rrset) {
struct dnode *dnp;
- int found_start = 0;
ns_debug(ns_log_default, 5, "rrset_free(%s)", rrset->rr_name);
- if (start == NULL)
- found_start = 1;
-
while (rrset->rr_list) {
dnp = rrset->rr_list;
- if (dnp == start)
- found_start = 1;
rrset->rr_list = rrset->rr_list->dn_next;
- if (dnp->dp != NULL && free_data == 1 && found_start == 1)
- db_freedata(dnp->dp);
+ if (dnp->dp != NULL)
+ db_detach(&dnp->dp);
memput(dnp, sizeof(struct dnode));
}
while (rrset->rr_sigs) {
dnp = rrset->rr_sigs;
- if (dnp == start)
- found_start = 1;
rrset->rr_sigs = rrset->rr_sigs->dn_next;
- if (dnp->dp != NULL && free_data == 1 && found_start == 1)
- db_freedata(dnp->dp);
+ if (dnp->dp != NULL)
+ db_detach(&dnp->dp);
memput(dnp, sizeof(struct dnode));
}
}
-static void
-rrset_free(struct db_rrset *rrset, int free_data) {
- rrset_free_partial(rrset, free_data, NULL);
-}
-
/*
* This is called when we have an rrset with SIGs and no other data.
* Returns 1 if we either found the necessary data or if the SIG can be added
@@ -840,7 +827,6 @@
struct sockaddr_in from, int *rrcount)
{
struct dnode *dnp;
- struct databuf *dp;
int ret;
/* If we have any unattached SIG records that are DNSSEC signatures,
@@ -850,57 +836,51 @@
*/
if (rrset->rr_list == NULL) {
if (attach_data(rrset) == 0) {
- rrset_free(rrset, 1);
+ rrset_free(rrset);
return (OK);
}
if (rrset->rr_list != NULL &&
verify_set(rrset) == DB_S_FAILED)
{
- rrset_free(rrset, 1);
+ rrset_free(rrset);
return (OK);
}
}
for (dnp = rrset->rr_list; dnp != NULL; dnp = dnp->dn_next) {
- dp = dnp->dp;
- ret = db_update(rrset->rr_name, dp, dp, NULL,
+ ret = db_update(rrset->rr_name, dnp->dp, dnp->dp, NULL,
flags, (*htpp), from);
if (ret != OK) {
/* XXX Probably should do rollback. */
- db_err(ret, rrset->rr_name, dp->d_type,
+ db_err(ret, rrset->rr_name, dnp->dp->d_type,
dnp->file, dnp->line);
if (ret != DATAEXISTS) {
- rrset_free_partial(rrset, 1, dnp);
+ rrset_free(rrset);
return (ret);
}
- db_freedata(dp);
}
if (rrcount != NULL)
(*rrcount)++;
- dnp->dp = NULL;
}
for (dnp = rrset->rr_sigs; dnp != NULL; dnp = dnp->dn_next) {
- dp = dnp->dp;
- if (dp == NULL) /* verifyset() can remove sigs */
+ if (dnp->dp == NULL) /* verifyset() can remove sigs */
continue;
- ret = db_update(rrset->rr_name, dp, dp, NULL,
+ ret = db_update(rrset->rr_name, dnp->dp, dnp->dp, NULL,
flags, (*htpp), from);
if (ret != OK) {
/* XXX Probably should do rollback. */
- db_err(ret, rrset->rr_name, dp->d_type,
+ db_err(ret, rrset->rr_name, dnp->dp->d_type,
dnp->file, dnp->line);
if (ret != DATAEXISTS) {
- rrset_free_partial(rrset, 1, dnp);
+ rrset_free(rrset);
return (ret);
}
- db_freedata(dp);
}
if (rrcount != NULL)
(*rrcount)++;
- dnp->dp = NULL;
}
- rrset_free(rrset, 0);
+ rrset_free(rrset);
return (OK);
}
@@ -929,7 +909,7 @@
while (rrset != NULL) {
if (rrset->rr_type != ns_t_nxt || dp->d_type != ns_t_nxt) {
if (dp->d_type == ns_t_sig) {
- if (SIG_COVERS(dp) == rrset->rr_type)
+ if ((int)SIG_COVERS(dp) == rrset->rr_type)
break;
} else {
if (dp->d_type == rrset->rr_type)
@@ -944,10 +924,7 @@
if (rrset != NULL) {
if ((dp->d_type == ns_t_sig && rr_in_set(dp, rrset->rr_sigs)) ||
(dp->d_type != ns_t_sig && rr_in_set(dp, rrset->rr_list)))
- {
- db_freedata(dp);
Home |
Main Index |
Thread Index |
Old Index