CVS commit: [netbsd-4] src/dist/bind
Module Name:src Committed By: bouyer Date: Sat Sep 15 09:09:33 UTC 2012 Modified Files: src/dist/bind [netbsd-4]: CHANGES version src/dist/bind/lib/dns [netbsd-4]: master.c rdata.c rdataslab.c src/dist/bind/lib/dns/include/dns [netbsd-4]: rdata.h Log Message: Apply patch, requested by spz in ticket #1457 dist/bind/CHANGES patch dist/bind/version patch dist/bind/lib/dns/master.c patch dist/bind/lib/dns/rdata.c patch dist/bind/lib/dns/rdataslab.c patch dist/bind/lib/dns/include/dns/rdata.h patch apply fix for CVE-2012-4244 (Named could die on specially crafted record) from upstream. To generate a diff of this commit: cvs rdiff -u -r1.1.1.4.4.10 -r1.1.1.4.4.11 src/dist/bind/CHANGES \ src/dist/bind/version cvs rdiff -u -r1.1.1.4.4.4 -r1.1.1.4.4.5 src/dist/bind/lib/dns/master.c cvs rdiff -u -r1.1.1.3.4.3 -r1.1.1.3.4.4 src/dist/bind/lib/dns/rdata.c cvs rdiff -u -r1.1.1.3.4.4 -r1.1.1.3.4.5 src/dist/bind/lib/dns/rdataslab.c cvs rdiff -u -r1.1.1.3.4.2 -r1.1.1.3.4.3 \ src/dist/bind/lib/dns/include/dns/rdata.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/dist/bind/CHANGES diff -u src/dist/bind/CHANGES:1.1.1.4.4.10 src/dist/bind/CHANGES:1.1.1.4.4.11 --- src/dist/bind/CHANGES:1.1.1.4.4.10 Tue Jul 24 20:38:38 2012 +++ src/dist/bind/CHANGES Sat Sep 15 09:09:31 2012 @@ -1,3 +1,8 @@ +--- 9.4-ESV-R4-P2nb2: added patches from 9.7.6-P3 --- + +3364. [security] Named could die on specially crafted record. + [RT #30416] + --- 9.4-ESV-R4-P2nb1: added patches from 9.6-ESV-R7-P2 --- 3346. [security] Bad-cache data could be used before it was Index: src/dist/bind/version diff -u src/dist/bind/version:1.1.1.4.4.10 src/dist/bind/version:1.1.1.4.4.11 --- src/dist/bind/version:1.1.1.4.4.10 Tue Jul 24 20:38:38 2012 +++ src/dist/bind/version Sat Sep 15 09:09:31 2012 @@ -1,4 +1,4 @@ -# $Id: version,v 1.1.1.4.4.10 2012/07/24 20:38:38 riz Exp $ +# $Id: version,v 1.1.1.4.4.11 2012/09/15 09:09:31 bouyer Exp $ # # This file must follow /bin/sh rules. It is imported directly via # configure. @@ -7,4 +7,4 @@ MAJORVER=9 MINORVER=4 PATCHVER= RELEASETYPE=-ESV -RELEASEVER=-R4-P2nb1 +RELEASEVER=-R4-P2nb2 Index: src/dist/bind/lib/dns/master.c diff -u src/dist/bind/lib/dns/master.c:1.1.1.4.4.4 src/dist/bind/lib/dns/master.c:1.1.1.4.4.5 --- src/dist/bind/lib/dns/master.c:1.1.1.4.4.4 Sun Nov 20 13:02:27 2011 +++ src/dist/bind/lib/dns/master.c Sat Sep 15 09:09:32 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: master.c,v 1.1.1.4.4.4 2011/11/20 13:02:27 bouyer Exp $ */ +/* $NetBSD: master.c,v 1.1.1.4.4.5 2012/09/15 09:09:32 bouyer Exp $ */ /* * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. (ISC) @@ -77,7 +77,7 @@ /*% * max message size - header - root - type - class - ttl - rdlen */ -#define MINTSIZ (65535 - 12 - 1 - 2 - 2 - 4 - 2) +#define MINTSIZ DNS_RDATA_MAXLENGTH /*% * Size for tokens in the presentation format, * The largest tokens are the base64 blocks in KEY and CERT records, Index: src/dist/bind/lib/dns/rdata.c diff -u src/dist/bind/lib/dns/rdata.c:1.1.1.3.4.3 src/dist/bind/lib/dns/rdata.c:1.1.1.3.4.4 --- src/dist/bind/lib/dns/rdata.c:1.1.1.3.4.3 Tue Jun 5 20:01:02 2012 +++ src/dist/bind/lib/dns/rdata.c Sat Sep 15 09:09:32 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: rdata.c,v 1.1.1.3.4.3 2012/06/05 20:01:02 bouyer Exp $ */ +/* $NetBSD: rdata.c,v 1.1.1.3.4.4 2012/09/15 09:09:32 bouyer Exp $ */ /* * Copyright (C) 2004-2006, 2008 Internet Systems Consortium, Inc. (ISC) @@ -407,6 +407,7 @@ dns_rdata_fromwire(dns_rdata_t *rdata, d isc_buffer_t st; isc_boolean_t use_default = ISC_FALSE; isc_uint32_t activelength; + size_t length; REQUIRE(dctx != NULL); if (rdata != NULL) { @@ -437,6 +438,14 @@ dns_rdata_fromwire(dns_rdata_t *rdata, d } /* + * Reject any rdata that expands out to more than DNS_RDATA_MAXLENGTH + * as we cannot transmit it. + */ + length = isc_buffer_usedlength(target) - isc_buffer_usedlength(st); + if (result == ISC_R_SUCCESS length DNS_RDATA_MAXLENGTH) + result = DNS_R_FORMERR; + + /* * We should have consumed all of our buffer. */ if (result == ISC_R_SUCCESS !buffer_empty(source)) @@ -444,8 +453,7 @@ dns_rdata_fromwire(dns_rdata_t *rdata, d if (rdata != NULL result == ISC_R_SUCCESS) { region.base = isc_buffer_used(st); - region.length = isc_buffer_usedlength(target) - -isc_buffer_usedlength(st); + region.length = length; dns_rdata_fromregion(rdata, rdclass, type, region); } @@ -580,6 +588,7 @@ dns_rdata_fromtext(dns_rdata_t *rdata, d unsigned long line; void (*callback)(dns_rdatacallbacks_t *, const char *, ...); isc_result_t tresult; + size_t length;
CVS commit: [netbsd-4] src/dist/bind
Module Name:src Committed By: riz Date: Tue Jul 24 20:38:40 UTC 2012 Modified Files: src/dist/bind [netbsd-4]: CHANGES version src/dist/bind/bin/tests/system/stub [netbsd-4]: tests.sh src/dist/bind/lib/dns [netbsd-4]: resolver.c zone.c src/dist/bind/lib/isc [netbsd-4]: random.c Log Message: Pull up following revision(s) (requested by spz in ticket #1455): dist/bind/CHANGES dist/bind/version dist/bind/bin/tests/system/stub/tests.sh dist/bind/lib/dns/resolver.c dist/bind/lib/dns/zone.c dist/bind/lib/isc/random.c Address Heavy DNSSEC validation load can cause a bad cache assertion failure in bind vulnerability. It was generated out of the 9.6-ESV-R7-P1 patch from ISC To generate a diff of this commit: cvs rdiff -u -r1.1.1.4.4.9 -r1.1.1.4.4.10 src/dist/bind/CHANGES \ src/dist/bind/version cvs rdiff -u -r1.1.1.3.4.1 -r1.1.1.3.4.2 \ src/dist/bind/bin/tests/system/stub/tests.sh cvs rdiff -u -r1.2.2.7 -r1.2.2.8 src/dist/bind/lib/dns/resolver.c cvs rdiff -u -r1.1.1.4.4.3 -r1.1.1.4.4.4 src/dist/bind/lib/dns/zone.c cvs rdiff -u -r1.1.1.3.4.2 -r1.1.1.3.4.3 src/dist/bind/lib/isc/random.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/dist/bind/CHANGES diff -u src/dist/bind/CHANGES:1.1.1.4.4.9 src/dist/bind/CHANGES:1.1.1.4.4.10 --- src/dist/bind/CHANGES:1.1.1.4.4.9 Tue Jun 5 20:01:02 2012 +++ src/dist/bind/CHANGES Tue Jul 24 20:38:38 2012 @@ -1,3 +1,14 @@ +--- 9.4-ESV-R4-P2nb1: added patches from 9.6-ESV-R7-P2 --- + +3346. [security] Bad-cache data could be used before it was + initialized, causing an assert. [RT #30025] + +3343. [bug] Relax isc_random_jitter() REQUIRE tests. [RT #29821] + +3342. [bug] Change #3314 broke saving of stub zones to disk + resulting in excessive cpu usage in some cases. + [RT #29952] + --- 9.4-ESV-R4-P2 released --- 3331. [security] dns_rdataslab_fromrdataset could produce bad Index: src/dist/bind/version diff -u src/dist/bind/version:1.1.1.4.4.9 src/dist/bind/version:1.1.1.4.4.10 --- src/dist/bind/version:1.1.1.4.4.9 Tue Jun 5 20:01:02 2012 +++ src/dist/bind/version Tue Jul 24 20:38:38 2012 @@ -1,4 +1,4 @@ -# $Id: version,v 1.1.1.4.4.9 2012/06/05 20:01:02 bouyer Exp $ +# $Id: version,v 1.1.1.4.4.10 2012/07/24 20:38:38 riz Exp $ # # This file must follow /bin/sh rules. It is imported directly via # configure. @@ -7,4 +7,4 @@ MAJORVER=9 MINORVER=4 PATCHVER= RELEASETYPE=-ESV -RELEASEVER=-R4-P2 +RELEASEVER=-R4-P2nb1 Index: src/dist/bind/bin/tests/system/stub/tests.sh diff -u src/dist/bind/bin/tests/system/stub/tests.sh:1.1.1.3.4.1 src/dist/bind/bin/tests/system/stub/tests.sh:1.1.1.3.4.2 --- src/dist/bind/bin/tests/system/stub/tests.sh:1.1.1.3.4.1 Thu May 17 00:36:53 2007 +++ src/dist/bind/bin/tests/system/stub/tests.sh Tue Jul 24 20:38:39 2012 @@ -21,19 +21,38 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh status=0 +echo I:check that the stub zone has been saved to disk +for i in 1 2 3 4 5 6 7 8 9 20 +do + [ -f ns3/child.example.st ] break + sleep 1 +done +[ -f ns3/child.example.st ] || { status=1; echo I:failed; } -echo I:trying an axfr that should be denied (NOTAUTH) -$DIG +tcp data.child.example. @10.53.0.3 axfr -p 5300 dig.out.ns3 || status=1 +for pass in 1 2 +do + +echo I:trying an axfr that should be denied (NOTAUTH) (pass=$pass) +$DIG +tcp child.example. @10.53.0.3 axfr -p 5300 dig.out.ns3 || status=1 grep ; Transfer failed. dig.out.ns3 /dev/null || status=1 -echo I:look for stub zone data without recursion (should not be found) +echo I:look for stub zone data without recursion (should not be found) (pass=$pass) $DIG +tcp +norec data.child.example. @10.53.0.3 txt -p 5300 dig.out.ns3 \ || status=1 $PERL ../digcomp.pl knowngood.dig.out.norec dig.out.ns3 || status=1 -echo I:look for stub zone data with recursion (should be found) +echo I:look for stub zone data with recursion (should be found) (pass=$pass) $DIG +tcp data.child.example. @10.53.0.3 txt -p 5300 dig.out.ns3 || status=1 $PERL ../digcomp.pl knowngood.dig.out.rec dig.out.ns3 || status=1 +[ $pass = 1 ] { + echo I:stopping stub server + $PERL $SYSTEMTESTTOP/stop.pl . ns3 + + echo I:re-starting stub server + $PERL $SYSTEMTESTTOP/start.pl --noclean --restart . ns3 +} +done + echo I:exit status: $status exit $status Index: src/dist/bind/lib/dns/resolver.c diff -u src/dist/bind/lib/dns/resolver.c:1.2.2.7 src/dist/bind/lib/dns/resolver.c:1.2.2.8 --- src/dist/bind/lib/dns/resolver.c:1.2.2.7 Sat Jul 16 00:45:38 2011 +++ src/dist/bind/lib/dns/resolver.c Tue Jul 24 20:38:39 2012 @@ -1,4 +1,4 @@ -/*$NetBSD: resolver.c,v 1.2.2.7 2011/07/16 00:45:38 riz Exp $ */ +/*$NetBSD: resolver.c,v 1.2.2.8 2012/07/24 20:38:39 riz Exp $ */ /* * Copyright (C) 2004-2011 Internet Systems Consortium, Inc. (ISC) @@ -7625,6 +7625,7 @@ dns_resolver_addbadcache(dns_resolver_t } bad-type = type; bad-hashval =
CVS commit: [netbsd-4] src/dist/bind
Module Name:src Committed By: bouyer Date: Tue Jun 5 20:01:03 UTC 2012 Modified Files: src/dist/bind [netbsd-4]: CHANGES version src/dist/bind/lib/dns [netbsd-4]: rdata.c rdataslab.c Log Message: Apply patch, requested by christos in ticket #1447 dist/bind/CHANGES patch dist/bind/version patch dist/bind/lib/dns/rdata.c patch dist/bind/lib/dns/rdataslab.c patch Update bind to 9.4-ESV-R4-P2 3331. [security] dns_rdataslab_fromrdataset could produce bad rdataslabs. [RT #29644] To generate a diff of this commit: cvs rdiff -u -r1.1.1.4.4.8 -r1.1.1.4.4.9 src/dist/bind/CHANGES \ src/dist/bind/version cvs rdiff -u -r1.1.1.3.4.2 -r1.1.1.3.4.3 src/dist/bind/lib/dns/rdata.c cvs rdiff -u -r1.1.1.3.4.3 -r1.1.1.3.4.4 src/dist/bind/lib/dns/rdataslab.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/dist/bind/CHANGES diff -u src/dist/bind/CHANGES:1.1.1.4.4.8 src/dist/bind/CHANGES:1.1.1.4.4.9 --- src/dist/bind/CHANGES:1.1.1.4.4.8 Sun Nov 20 13:02:25 2011 +++ src/dist/bind/CHANGES Tue Jun 5 20:01:02 2012 @@ -1,3 +1,8 @@ + --- 9.4-ESV-R4-P2 released --- + +3331. [security] dns_rdataslab_fromrdataset could produce bad + rdataslabs. [RT #29644] + 3218. [security] Cache lookup could return RRSIG data associated with nonexistent records, leading to an assertion failure. [RT #26590] Index: src/dist/bind/version diff -u src/dist/bind/version:1.1.1.4.4.8 src/dist/bind/version:1.1.1.4.4.9 --- src/dist/bind/version:1.1.1.4.4.8 Sat Jun 18 10:36:30 2011 +++ src/dist/bind/version Tue Jun 5 20:01:02 2012 @@ -1,4 +1,4 @@ -# $Id: version,v 1.1.1.4.4.8 2011/06/18 10:36:30 bouyer Exp $ +# $Id: version,v 1.1.1.4.4.9 2012/06/05 20:01:02 bouyer Exp $ # # This file must follow /bin/sh rules. It is imported directly via # configure. @@ -7,4 +7,4 @@ MAJORVER=9 MINORVER=4 PATCHVER= RELEASETYPE=-ESV -RELEASEVER=-R4-P1 +RELEASEVER=-R4-P2 Index: src/dist/bind/lib/dns/rdata.c diff -u src/dist/bind/lib/dns/rdata.c:1.1.1.3.4.2 src/dist/bind/lib/dns/rdata.c:1.1.1.3.4.3 --- src/dist/bind/lib/dns/rdata.c:1.1.1.3.4.2 Sun Jan 23 21:47:39 2011 +++ src/dist/bind/lib/dns/rdata.c Tue Jun 5 20:01:02 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: rdata.c,v 1.1.1.3.4.2 2011/01/23 21:47:39 bouyer Exp $ */ +/* $NetBSD: rdata.c,v 1.1.1.3.4.3 2012/06/05 20:01:02 bouyer Exp $ */ /* * Copyright (C) 2004-2006, 2008 Internet Systems Consortium, Inc. (ISC) @@ -338,6 +338,8 @@ dns_rdata_compare(const dns_rdata_t *rda REQUIRE(rdata2 != NULL); REQUIRE(rdata1-data != NULL); REQUIRE(rdata2-data != NULL); + REQUIRE(rdata1-length == 0 || rdata1-data != NULL); + REQUIRE(rdata2-length == 0 || rdata2-data != NULL); REQUIRE(DNS_RDATA_VALIDFLAGS(rdata1)); REQUIRE(DNS_RDATA_VALIDFLAGS(rdata2)); Index: src/dist/bind/lib/dns/rdataslab.c diff -u src/dist/bind/lib/dns/rdataslab.c:1.1.1.3.4.3 src/dist/bind/lib/dns/rdataslab.c:1.1.1.3.4.4 --- src/dist/bind/lib/dns/rdataslab.c:1.1.1.3.4.3 Sun Jan 23 21:47:39 2011 +++ src/dist/bind/lib/dns/rdataslab.c Tue Jun 5 20:01:03 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: rdataslab.c,v 1.1.1.3.4.3 2011/01/23 21:47:39 bouyer Exp $ */ +/* $NetBSD: rdataslab.c,v 1.1.1.3.4.4 2012/06/05 20:01:03 bouyer Exp $ */ /* * Copyright (C) 2004-2007, 2009, 2010 Internet Systems Consortium, Inc. (ISC) @@ -130,6 +130,11 @@ isc_result_t dns_rdataslab_fromrdataset(dns_rdataset_t *rdataset, isc_mem_t *mctx, isc_region_t *region, unsigned int reservelen) { + /* + * Use removed as a sentinal pointer for duplicate + * rdata as rdata.data == NULL is valid. + */ + static unsigned char removed; struct xrdata *x; unsigned char *rawbuf; #if DNS_RDATASET_FIXED @@ -168,6 +173,7 @@ dns_rdataslab_fromrdataset(dns_rdataset_ INSIST(result == ISC_R_SUCCESS); dns_rdata_init(x[i].rdata); dns_rdataset_current(rdataset, x[i].rdata); + INSIST(x[i].rdata.data != removed); #if DNS_RDATASET_FIXED x[i].order = i; #endif @@ -200,8 +206,7 @@ dns_rdataslab_fromrdataset(dns_rdataset_ */ for (i = 1; i nalloc; i++) { if (compare_rdata(x[i-1].rdata, x[i].rdata) == 0) { - x[i-1].rdata.data = NULL; - x[i-1].rdata.length = 0; + x[i-1].rdata.data = removed; #if DNS_RDATASET_FIXED /* * Preserve the least order so A, B, A - A, B @@ -277,7 +282,7 @@ dns_rdataslab_fromrdataset(dns_rdataset_ #endif for (i = 0; i nalloc; i++) { - if (x[i].rdata.data == NULL) + if (x[i].rdata.data == removed) continue; #if DNS_RDATASET_FIXED offsettable[x[i].order] = rawbuf - offsetbase;
CVS commit: [netbsd-4] src/dist/bind
Module Name:src Committed By: bouyer Date: Sun Nov 20 13:02:27 UTC 2011 Modified Files: src/dist/bind [netbsd-4]: CHANGES src/dist/bind/bin/named [netbsd-4]: query.c src/dist/bind/bin/nsupdate [netbsd-4]: nsupdate.8 src/dist/bind/lib/dns [netbsd-4]: master.c rbtdb.c src/dist/bind/lib/isc/nothreads [netbsd-4]: condition.c mutex.c src/dist/bind/lib/isc/unix [netbsd-4]: time.c src/dist/bind/lib/lwres/include/lwres [netbsd-4]: lwres.h Log Message: Apply patch, requested by christos in ticket #1437: src/dist/bind/CHANGES src/dist/bind/bin/named/query.c src/dist/bind/bin/nsupdate/nsupdate.8 src/dist/bind/lib/dns/master.c src/dist/bind/lib/dns/rbtdb.c src/dist/bind/lib/isc/nothreads/condition.c src/dist/bind/lib/isc/nothreads/mutex.c src/dist/bind/lib/isc/unix/time.c src/dist/bind/lib/lwres/include/lwres/lwres.h Cache lookup could return RRSIG data associated with nonexistent records, leading to an assertion failure. Fixes CVE-2011-4313. To generate a diff of this commit: cvs rdiff -u -r1.1.1.4.4.7 -r1.1.1.4.4.8 src/dist/bind/CHANGES cvs rdiff -u -r1.3.2.4 -r1.3.2.5 src/dist/bind/bin/named/query.c cvs rdiff -u -r1.1.1.3.4.3 -r1.1.1.3.4.4 \ src/dist/bind/bin/nsupdate/nsupdate.8 cvs rdiff -u -r1.1.1.4.4.3 -r1.1.1.4.4.4 src/dist/bind/lib/dns/master.c cvs rdiff -u -r1.1.1.4.4.5 -r1.1.1.4.4.6 src/dist/bind/lib/dns/rbtdb.c cvs rdiff -u -r1.1.1.3.4.1 -r1.1.1.3.4.2 \ src/dist/bind/lib/isc/nothreads/condition.c \ src/dist/bind/lib/isc/nothreads/mutex.c cvs rdiff -u -r1.1.1.3.4.2 -r1.1.1.3.4.3 src/dist/bind/lib/isc/unix/time.c cvs rdiff -u -r1.1.1.3.4.1 -r1.1.1.3.4.2 \ src/dist/bind/lib/lwres/include/lwres/lwres.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/dist/bind/CHANGES diff -u src/dist/bind/CHANGES:1.1.1.4.4.7 src/dist/bind/CHANGES:1.1.1.4.4.8 --- src/dist/bind/CHANGES:1.1.1.4.4.7 Sat Jun 18 10:36:30 2011 +++ src/dist/bind/CHANGES Sun Nov 20 13:02:25 2011 @@ -1,3 +1,7 @@ +3218. [security] Cache lookup could return RRSIG data associated with +nonexistent records, leading to an assertion +failure. [RT #26590] + --- 9.4-ESV-R4-P1 released --- 3121. [security] An authoritative name server sending a negative Index: src/dist/bind/bin/named/query.c diff -u src/dist/bind/bin/named/query.c:1.3.2.4 src/dist/bind/bin/named/query.c:1.3.2.5 --- src/dist/bind/bin/named/query.c:1.3.2.4 Sun Jan 23 21:47:10 2011 +++ src/dist/bind/bin/named/query.c Sun Nov 20 13:02:26 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: query.c,v 1.3.2.4 2011/01/23 21:47:10 bouyer Exp $ */ +/* $NetBSD: query.c,v 1.3.2.5 2011/11/20 13:02:26 bouyer Exp $ */ /* * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. (ISC) @@ -1253,11 +1253,9 @@ query_addadditional(void *arg, dns_name_ goto addname; if (result == DNS_R_NCACHENXRRSET) { dns_rdataset_disassociate(rdataset); - /* - * Negative cache entries don't have sigrdatasets. - */ - INSIST(sigrdataset == NULL || - ! dns_rdataset_isassociated(sigrdataset)); + if (sigrdataset != NULL + dns_rdataset_isassociated(sigrdataset)) +dns_rdataset_disassociate(sigrdataset); } if (result == ISC_R_SUCCESS) { mname = NULL; @@ -1298,8 +1296,9 @@ query_addadditional(void *arg, dns_name_ goto addname; if (result == DNS_R_NCACHENXRRSET) { dns_rdataset_disassociate(rdataset); - INSIST(sigrdataset == NULL || - ! dns_rdataset_isassociated(sigrdataset)); + if (sigrdataset != NULL + dns_rdataset_isassociated(sigrdataset)) +dns_rdataset_disassociate(sigrdataset); } if (result == ISC_R_SUCCESS) { mname = NULL; @@ -1748,10 +1747,8 @@ query_addadditional2(void *arg, dns_name goto setcache; if (result == DNS_R_NCACHENXRRSET) { dns_rdataset_disassociate(rdataset); - /* - * Negative cache entries don't have sigrdatasets. - */ - INSIST(! dns_rdataset_isassociated(sigrdataset)); + if (dns_rdataset_isassociated(sigrdataset)) + dns_rdataset_disassociate(sigrdataset); } if (result == ISC_R_SUCCESS) { /* Remember the result as a cache */ Index: src/dist/bind/bin/nsupdate/nsupdate.8 diff -u src/dist/bind/bin/nsupdate/nsupdate.8:1.1.1.3.4.3 src/dist/bind/bin/nsupdate/nsupdate.8:1.1.1.3.4.4 --- src/dist/bind/bin/nsupdate/nsupdate.8:1.1.1.3.4.3 Sun Jan 23 21:47:11 2011 +++ src/dist/bind/bin/nsupdate/nsupdate.8 Sun Nov 20 13:02:26 2011 @@ -1,2 +1,443 @@ -.\ $NetBSD: nsupdate.8,v 1.1.1.3.4.3 2011/01/23 21:47:11 bouyer Exp $ +.\ $NetBSD: nsupdate.8,v 1.1.1.3.4.4 2011/11/20 13:02:26 bouyer Exp $ .\ +.\ Copyright (C) 2004-2010 Internet Systems Consortium, Inc. (ISC) +.\ Copyright (C) 2000-2003 Internet Software Consortium. +.\ +.\ Permission to use, copy, modify, and/or distribute this software for any +.\
CVS commit: [netbsd-4] src/dist/bind/lib/dns
Module Name:src Committed By: riz Date: Sat Jul 16 00:45:39 UTC 2011 Modified Files: src/dist/bind/lib/dns [netbsd-4]: masterdump.c message.c ncache.c rbtdb.c rdataset.c resolver.c validator.c src/dist/bind/lib/dns/include/dns [netbsd-4]: rdataset.h Log Message: dist/bind/lib/dns/masterdump.c patch dist/bind/lib/dns/message.c patch dist/bind/lib/dns/ncache.c patch dist/bind/lib/dns/rbtdb.c patch dist/bind/lib/dns/rdataset.cpatch dist/bind/lib/dns/resolver.cpatch dist/bind/lib/dns/validator.c patch dist/bind/lib/dns/include/dns/rdataset.hpatch Patch bind to address CVE-2011-2464. [spz, ticket #1431] To generate a diff of this commit: cvs rdiff -u -r1.1.1.4.4.3 -r1.1.1.4.4.4 src/dist/bind/lib/dns/masterdump.c cvs rdiff -u -r1.2.4.3 -r1.2.4.4 src/dist/bind/lib/dns/message.c cvs rdiff -u -r1.1.1.3.4.3 -r1.1.1.3.4.4 src/dist/bind/lib/dns/ncache.c \ src/dist/bind/lib/dns/rdataset.c cvs rdiff -u -r1.1.1.4.4.4 -r1.1.1.4.4.5 src/dist/bind/lib/dns/rbtdb.c cvs rdiff -u -r1.2.2.6 -r1.2.2.7 src/dist/bind/lib/dns/resolver.c cvs rdiff -u -r1.4.4.6 -r1.4.4.7 src/dist/bind/lib/dns/validator.c cvs rdiff -u -r1.1.1.3.4.3 -r1.1.1.3.4.4 \ src/dist/bind/lib/dns/include/dns/rdataset.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/dist/bind/lib/dns/masterdump.c diff -u src/dist/bind/lib/dns/masterdump.c:1.1.1.4.4.3 src/dist/bind/lib/dns/masterdump.c:1.1.1.4.4.4 --- src/dist/bind/lib/dns/masterdump.c:1.1.1.4.4.3 Sun Jan 23 21:47:38 2011 +++ src/dist/bind/lib/dns/masterdump.c Sat Jul 16 00:45:36 2011 @@ -1,7 +1,7 @@ -/* $NetBSD: masterdump.c,v 1.1.1.4.4.3 2011/01/23 21:47:38 bouyer Exp $ */ +/* $NetBSD: masterdump.c,v 1.1.1.4.4.4 2011/07/16 00:45:36 riz Exp $ */ /* - * Copyright (C) 2004-2006, 2008, 2009 Internet Systems Consortium, Inc. (ISC) + * Copyright (C) 2004-2006, 2008, 2009, 2011 Internet Systems Consortium, Inc. (ISC) * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -17,7 +17,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* Id: masterdump.c,v 1.73.18.19 2009/11/25 04:50:24 marka Exp */ +/* Id: masterdump.h,v 1.31.14.7 2011-05-27 23:49:08 tbox Exp */ /*! \file */ @@ -357,6 +357,7 @@ isc_uint32_t current_ttl; isc_boolean_t current_ttl_valid; dns_rdatatype_t type; + unsigned int type_start; REQUIRE(DNS_RDATASET_VALID(rdataset)); @@ -438,29 +439,26 @@ * Type. */ - if (rdataset-type == 0) { + if ((rdataset-attributes DNS_RDATASETATTR_NEGATIVE) != 0) { type = rdataset-covers; } else { type = rdataset-type; } - { - unsigned int type_start; - INDENT_TO(type_column); - type_start = target-used; - if (rdataset-type == 0) -RETERR(str_totext(\\-, target)); - result = dns_rdatatype_totext(type, target); - if (result != ISC_R_SUCCESS) -return (result); - column += (target-used - type_start); - } + INDENT_TO(type_column); + type_start = target-used; + if ((rdataset-attributes DNS_RDATASETATTR_NEGATIVE) != 0) + RETERR(str_totext(\\-, target)); + result = dns_rdatatype_totext(type, target); + if (result != ISC_R_SUCCESS) + return (result); + column += (target-used - type_start); /* * Rdata. */ INDENT_TO(rdata_column); - if (rdataset-type == 0) { + if ((rdataset-attributes DNS_RDATASETATTR_NEGATIVE) != 0) { if (NXDOMAIN(rdataset)) RETERR(str_totext(;-$NXDOMAIN\n, target)); else @@ -831,7 +829,7 @@ sizeof(trustnames[0]))); fprintf(f, ; %s\n, trustnames[trust]); } - if (rds-type == 0 + if (((rds-attributes DNS_RDATASETATTR_NEGATIVE) != 0) (ctx-style.flags DNS_STYLEFLAG_NCACHE) == 0) { /* Omit negative cache entries */ } else { @@ -987,7 +985,7 @@ dns_rdataset_init(rdataset); dns_rdatasetiter_current(rdsiter, rdataset); - if (rdataset.type == 0 + if (((rdataset.attributes DNS_RDATASETATTR_NEGATIVE) != 0) (ctx-style.flags DNS_STYLEFLAG_NCACHE) == 0) { /* Omit negative cache entries */ } else { Index: src/dist/bind/lib/dns/message.c diff -u src/dist/bind/lib/dns/message.c:1.2.4.3 src/dist/bind/lib/dns/message.c:1.2.4.4 --- src/dist/bind/lib/dns/message.c:1.2.4.3 Sun Jan 23 21:47:38 2011 +++ src/dist/bind/lib/dns/message.c Sat Jul 16 00:45:37 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: message.c,v 1.2.4.3 2011/01/23 21:47:38 bouyer Exp $ */ +/* $NetBSD: message.c,v 1.2.4.4 2011/07/16 00:45:37 riz Exp $ */ /* * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. (ISC) @@ -17,7 +17,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* Id: message.c,v 1.222.18.18 2009/01/19 23:46:15 tbox Exp */ +/* Id:
CVS commit: [netbsd-4] src/dist/bind
Module Name:src Committed By: bouyer Date: Sat Jun 18 10:36:32 UTC 2011 Modified Files: src/dist/bind [netbsd-4]: CHANGES version src/dist/bind/lib/dns [netbsd-4]: api ncache.c rdataset.c validator.c src/dist/bind/lib/dns/include/dns [netbsd-4]: rdataset.h Log Message: Apply patch, requested by spz in ticket #1430: dist/bind/CHANGES: patch dist/bind/version: patch dist/bind/lib/dns/api: patch dist/bind/lib/dns/ncache.c: patch dist/bind/lib/dns/rdataset.c: patch dist/bind/lib/dns/validator.c: patch dist/bind/lib/dns/include/dns/rdataset.h: patch Fix security issue: An authoritative name server sending a negative response containing a very large RRset could trigger an off-by-one error in the ncache code and crash named. Fix bug: Named could fail to validate zones listed in a DLV that validated insecure without using DLV and had DS records in the parent zone. To generate a diff of this commit: cvs rdiff -u -r1.1.1.4.4.6 -r1.1.1.4.4.7 src/dist/bind/CHANGES cvs rdiff -u -r1.1.1.4.4.7 -r1.1.1.4.4.8 src/dist/bind/version cvs rdiff -u -r1.1.1.4.4.5 -r1.1.1.4.4.6 src/dist/bind/lib/dns/api cvs rdiff -u -r1.1.1.3.4.2 -r1.1.1.3.4.3 src/dist/bind/lib/dns/ncache.c \ src/dist/bind/lib/dns/rdataset.c cvs rdiff -u -r1.4.4.5 -r1.4.4.6 src/dist/bind/lib/dns/validator.c cvs rdiff -u -r1.1.1.3.4.2 -r1.1.1.3.4.3 \ src/dist/bind/lib/dns/include/dns/rdataset.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/dist/bind/CHANGES diff -u src/dist/bind/CHANGES:1.1.1.4.4.6 src/dist/bind/CHANGES:1.1.1.4.4.7 --- src/dist/bind/CHANGES:1.1.1.4.4.6 Sun Jan 23 21:47:02 2011 +++ src/dist/bind/CHANGES Sat Jun 18 10:36:30 2011 @@ -1,3 +1,14 @@ + --- 9.4-ESV-R4-P1 released --- + +3121. [security] An authoritative name server sending a negative +response containing a very large RRset could +trigger an off-by-one error in the ncache code +and crash named. [RT #24650] + +3120. [bug] Named could fail to validate zones listed in a DLV + that validated insecure without using DLV and had + DS records in the parent zone. [RT #24631] + --- 9.4-ESV-R4 released --- 2970. [security] Adding a NO DATA negative cache entry failed to clear Index: src/dist/bind/version diff -u src/dist/bind/version:1.1.1.4.4.7 src/dist/bind/version:1.1.1.4.4.8 --- src/dist/bind/version:1.1.1.4.4.7 Sun Jan 23 21:47:07 2011 +++ src/dist/bind/version Sat Jun 18 10:36:30 2011 @@ -1,4 +1,4 @@ -# Id: version,v 1.29.134.32 2010/11/18 01:34:50 marka Exp +# $Id: version,v 1.1.1.4.4.8 2011/06/18 10:36:30 bouyer Exp $ # # This file must follow /bin/sh rules. It is imported directly via # configure. @@ -7,4 +7,4 @@ MINORVER=4 PATCHVER= RELEASETYPE=-ESV -RELEASEVER=-R4 +RELEASEVER=-R4-P1 Index: src/dist/bind/lib/dns/api diff -u src/dist/bind/lib/dns/api:1.1.1.4.4.5 src/dist/bind/lib/dns/api:1.1.1.4.4.6 --- src/dist/bind/lib/dns/api:1.1.1.4.4.5 Sun Jan 23 21:47:37 2011 +++ src/dist/bind/lib/dns/api Sat Jun 18 10:36:31 2011 @@ -1,3 +1,3 @@ LIBINTERFACE = 39 -LIBREVISION = 1 +LIBREVISION = 3 LIBAGE = 1 Index: src/dist/bind/lib/dns/ncache.c diff -u src/dist/bind/lib/dns/ncache.c:1.1.1.3.4.2 src/dist/bind/lib/dns/ncache.c:1.1.1.3.4.3 --- src/dist/bind/lib/dns/ncache.c:1.1.1.3.4.2 Sun Jan 23 21:47:38 2011 +++ src/dist/bind/lib/dns/ncache.c Sat Jun 18 10:36:31 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: ncache.c,v 1.1.1.3.4.2 2011/01/23 21:47:38 bouyer Exp $ */ +/* $NetBSD: ncache.c,v 1.1.1.3.4.3 2011/06/18 10:36:31 bouyer Exp $ */ /* * Copyright (C) 2004, 2005, 2010 Internet Systems Consortium, Inc. (ISC) @@ -17,7 +17,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* Id: ncache.c,v 1.36.18.8 2010/06/03 23:46:10 tbox Exp */ +/* Id: ncache.c,v 1.36.18.8.10.1 2011-05-26 23:56:27 each Exp */ /*! \file */ @@ -177,7 +177,7 @@ */ isc_buffer_availableregion(buffer, r); - if (r.length 2) + if (r.length 3) return (ISC_R_NOSPACE); isc_buffer_putuint16(buffer, rdataset-type); Index: src/dist/bind/lib/dns/rdataset.c diff -u src/dist/bind/lib/dns/rdataset.c:1.1.1.3.4.2 src/dist/bind/lib/dns/rdataset.c:1.1.1.3.4.3 --- src/dist/bind/lib/dns/rdataset.c:1.1.1.3.4.2 Sun Jan 23 21:47:39 2011 +++ src/dist/bind/lib/dns/rdataset.c Sat Jun 18 10:36:31 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: rdataset.c,v 1.1.1.3.4.2 2011/01/23 21:47:39 bouyer Exp $ */ +/* $NetBSD: rdataset.c,v 1.1.1.3.4.3 2011/06/18 10:36:31 bouyer Exp $ */ /* * Copyright (C) 2004-2006, 2009, 2010 Internet Systems Consortium, Inc. (ISC) @@ -17,7 +17,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* Id: rdataset.c,v 1.72.18.9 2010/02/26 23:46:36 tbox
CVS commit: [netbsd-4] src/dist/bind/lib/isc/alpha/include/isc
Module Name:src Committed By: bouyer Date: Sat Jan 29 17:37:27 UTC 2011 Modified Files: src/dist/bind/lib/isc/alpha/include/isc [netbsd-4]: atomic.h Log Message: Add __unused to inline functions; fix alpha build after ticket #1413 To generate a diff of this commit: cvs rdiff -u -r1.2.2.3 -r1.2.2.4 \ src/dist/bind/lib/isc/alpha/include/isc/atomic.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/dist/bind/lib/isc/alpha/include/isc/atomic.h diff -u src/dist/bind/lib/isc/alpha/include/isc/atomic.h:1.2.2.3 src/dist/bind/lib/isc/alpha/include/isc/atomic.h:1.2.2.4 --- src/dist/bind/lib/isc/alpha/include/isc/atomic.h:1.2.2.3 Sun Jan 23 21:47:43 2011 +++ src/dist/bind/lib/isc/alpha/include/isc/atomic.h Sat Jan 29 17:37:27 2011 @@ -1,4 +1,4 @@ -/*$NetBSD: atomic.h,v 1.2.2.3 2011/01/23 21:47:43 bouyer Exp $ */ +/*$NetBSD: atomic.h,v 1.2.2.4 2011/01/29 17:37:27 bouyer Exp $ */ /* * Copyright (C) 2005, 2009 Internet Systems Consortium, Inc. (ISC) @@ -68,7 +68,7 @@ * can be critical, so we add explicit memory block instructions at the * beginning and the end of it (same for other functions). */ -static inline isc_int32_t +static inline isc_int32_t __unused isc_atomic_xadd(isc_int32_t *p, isc_int32_t val) { return (asm(mb; 1: @@ -84,7 +84,7 @@ /* * This routine atomically stores the value 'val' in 'p'. */ -static inline void +static inline void __unused isc_atomic_store(isc_int32_t *p, isc_int32_t val) { (void)asm(mb; 1: @@ -101,7 +101,7 @@ * original value is equal to 'cmpval'. The original value is returned in any * case. */ -static inline isc_int32_t +static inline isc_int32_t __unused isc_atomic_cmpxchg(isc_int32_t *p, isc_int32_t cmpval, isc_int32_t val) { return(asm(mb; @@ -118,7 +118,7 @@ p, cmpval, val)); } #elif defined (ISC_PLATFORM_USEGCCASM) -static inline isc_int32_t +static inline isc_int32_t __unused isc_atomic_xadd(isc_int32_t *p, isc_int32_t val) { isc_int32_t temp, prev; @@ -138,7 +138,7 @@ return (prev); } -static inline void +static inline void __unused isc_atomic_store(isc_int32_t *p, isc_int32_t val) { isc_int32_t temp; @@ -155,7 +155,7 @@ : memory); } -static inline isc_int32_t +static inline isc_int32_t __unused isc_atomic_cmpxchg(isc_int32_t *p, isc_int32_t cmpval, isc_int32_t val) { isc_int32_t temp, prev;
CVS commit: [netbsd-4] src/dist/bind/bin/named
Module Name:src Committed By: snj Date: Tue Jul 28 22:18:51 UTC 2009 Modified Files: src/dist/bind/bin/named [netbsd-4]: update.c Log Message: Apply patch (requested by christos in ticket #1347): Fix CVE-2009-0696. To generate a diff of this commit: cvs rdiff -u -r1.1.1.4.4.2 -r1.1.1.4.4.3 src/dist/bind/bin/named/update.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/dist/bind/bin/named/update.c diff -u src/dist/bind/bin/named/update.c:1.1.1.4.4.2 src/dist/bind/bin/named/update.c:1.1.1.4.4.3 --- src/dist/bind/bin/named/update.c:1.1.1.4.4.2 Wed Jul 16 01:56:33 2008 +++ src/dist/bind/bin/named/update.c Tue Jul 28 22:18:51 2009 @@ -1,4 +1,4 @@ -/* $NetBSD: update.c,v 1.1.1.4.4.2 2008/07/16 01:56:33 snj Exp $ */ +/* $NetBSD: update.c,v 1.1.1.4.4.3 2009/07/28 22:18:51 snj Exp $ */ /* * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. (ISC) @@ -863,7 +863,11 @@ if (type == dns_rdatatype_rrsig || type == dns_rdatatype_sig) covers = dns_rdata_covers(t-rdata); - else + else if (type == dns_rdatatype_any) { +dns_db_detachnode(db, node); +dns_diff_clear(trash); +return (DNS_R_NXRRSET); + } else covers = 0; /*