Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/netbsd-1-6]: src/dist/bind Pull up revision 1.7 (requested by itojun in ...

details:   https://anonhg.NetBSD.org/src/rev/00bfe397980c
branches:  netbsd-1-6
changeset: 529353:00bfe397980c
user:      lukem <lukem%NetBSD.org@localhost>
date:      Fri Nov 15 00:48:29 2002 +0000

description:
Pull up revision 1.7 (requested by itojun in ticket #989):
apply http://www.isc.org/products/BIND/patches/bind833.diff to fix recent
vulnerabilities:
* BIND: Remote Execution of Code (BIND 4 & 8)
* BIND: Multiple Denial of Service (BIND 8 only)

diffstat:

 dist/bind/bin/named/ns_defs.h   |  4 ++--
 dist/bind/lib/nameser/ns_name.c |  6 +++++-
 2 files changed, 7 insertions(+), 3 deletions(-)

diffs (38 lines):

diff -r b498ce7e4460 -r 00bfe397980c dist/bind/bin/named/ns_defs.h
--- a/dist/bind/bin/named/ns_defs.h     Fri Nov 15 00:48:19 2002 +0000
+++ b/dist/bind/bin/named/ns_defs.h     Fri Nov 15 00:48:29 2002 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: ns_defs.h,v 1.4.2.1 2002/06/28 11:32:00 lukem Exp $    */
+/*     $NetBSD: ns_defs.h,v 1.4.2.2 2002/11/15 00:48:29 lukem Exp $    */
 
 /*
  *     from ns.h       4.33 (Berkeley) 8/23/90
@@ -471,7 +471,7 @@
                        q_cmsglen,      /* len of cname message */
                        q_cmsgsize;     /* allocated size of cname message */
        int16_t         q_dfd;          /* UDP file descriptor */
-       int16_t         q_udpsize;      /* UDP message size */
+       u_int16_t       q_udpsize;      /* UDP message size */
        int             q_distance;     /* distance this query is from the
                                         * original query that the server
                                         * received. */
diff -r b498ce7e4460 -r 00bfe397980c dist/bind/lib/nameser/ns_name.c
--- a/dist/bind/lib/nameser/ns_name.c   Fri Nov 15 00:48:19 2002 +0000
+++ b/dist/bind/lib/nameser/ns_name.c   Fri Nov 15 00:48:29 2002 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: ns_name.c,v 1.3.2.1 2002/06/28 11:56:42 lukem Exp $    */
+/*     $NetBSD: ns_name.c,v 1.3.2.2 2002/11/15 00:48:30 lukem Exp $    */
 
 /*
  * Copyright (c) 1996,1999 by Internet Software Consortium.
@@ -343,6 +343,10 @@
        dn = dst;
        eom = dst + dstsiz;
 
+       if (dn >= eom) {
+               errno = EMSGSIZE;
+               return (-1);
+       }
        while ((n = *cp++) != 0) {
                if ((n & NS_CMPRSFLGS) == NS_CMPRSFLGS) {
                        /* Some kind of compression pointer. */
Home | Main Index | Thread Index | Old Index