Mercurial Mercurial > upstream > oracle > userland-gate / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/bind/patches/011-RT43522.patch
branchs11u3-sru
changeset 7592 12dea84f307b
equal deleted inserted replaced
7591:ba368fc828e6 7592:12dea84f307b 
       
     1 This patch was derived from a source code patch provided by ISC to
 
       
     2 resolve ISC ticket RT #43522. [9.6-ESV-R11-S10]
 
       
     3 
       
     4 --- old/./CHANGES	Wed Jan 11 23:20:20 2017
 
       
     5 +++ new/./CHANGES	Wed Jan 11 23:20:20 2017
 
       
     6 @@ -1,3 +1,9 @@
 
       
     7 +	--- 9.6-ESV-R11-S10 released ---
 
       
     8 +
 
       
     9 +4508.	[security]	Named incorrectly tried to cache TKEY records which
 
       
    10 +			could trigger a assertion failure when there was
 
       
    11 +			a class mismatch. (CVE-2016-9131) [RT #43522]
 
       
    12 +
 
       
    13  	--- 9.6-ESV-R11-S9 released ---
 
       
    14  
       
    15  4489.   [security]      It was possible to trigger assertions when processing
 
       
    16 --- old/lib/dns/resolver.c	Wed Jan 11 23:20:20 2017
 
       
    17 +++ new/lib/dns/resolver.c	Wed Jan 11 23:20:20 2017
 
       
    18 @@ -1,5 +1,5 @@
 
       
    19  /*
 
       
    20 - * Copyright (C) 2004-2014  Internet Systems Consortium, Inc. ("ISC")
 
       
    21 + * Copyright (C) 2004-2016  Internet Systems Consortium, Inc. ("ISC")
 
       
    22   * Copyright (C) 1999-2003  Internet Software Consortium.
 
       
    23   *
 
       
    24   * Permission to use, copy, modify, and/or distribute this software for any
 
       
    25 @@ -5848,6 +5848,25 @@
 
       
    26  					    ISC_LOG_NOTICE, "NSEC3 in answer");
 
       
    27  					return (DNS_R_FORMERR);
 
       
    28  				}
 
       
    29 +				if (rdataset->type == dns_rdatatype_tkey) {
 
       
    30 +					/*
 
       
    31 +					 * TKEY is not a valid record in a
 
       
    32 +					 * response to any query we can make.
 
       
    33 +					 */
 
       
    34 +					isc_log_write(dns_lctx,
 
       
    35 +					    DNS_LOGCATEGORY_RESOLVER,
 
       
    36 +					    DNS_LOGMODULE_RESOLVER,
 
       
    37 +					    ISC_LOG_NOTICE, "TKEY in answer");
 
       
    38 +					return (DNS_R_FORMERR);
 
       
    39 +				}
 
       
    40 +				if (rdataset->rdclass != fctx->res->rdclass) {
 
       
    41 +					isc_log_write(dns_lctx,
 
       
    42 +					    DNS_LOGCATEGORY_RESOLVER,
 
       
    43 +					    DNS_LOGMODULE_RESOLVER,
 
       
    44 +					    ISC_LOG_NOTICE, "Mismatched class "
 
       
    45 +						    "in answer");
 
       
    46 +					return (DNS_R_FORMERR);
 
       
    47 +				}
 
       
    48  				if (rdataset->type == type && !found_cname) {
 
       
    49  					/*
 
       
    50  					 * We've found an ordinary answer.
 
       
    51 @@ -6017,6 +6036,15 @@
 
       
    52  			     rdataset != NULL;
 
       
    53  			     rdataset = ISC_LIST_NEXT(rdataset, link))
 
       
    54  			{
 
       
    55 +				if (rdataset->rdclass != fctx->res->rdclass) {
 
       
    56 +					isc_log_write(dns_lctx,
 
       
    57 +					    DNS_LOGCATEGORY_RESOLVER,
 
       
    58 +					    DNS_LOGMODULE_RESOLVER,
 
       
    59 +					    ISC_LOG_NOTICE, "Mismatched class "
 
       
    60 +						    "in answer");
 
       
    61 +					return (DNS_R_FORMERR);
 
       
    62 +				}
 
       
    63 +
 
       
    64  				/*
 
       
    65  				 * Only pass DNAME or RRSIG(DNAME).
 
       
    66  				 */
upstream/oracle/userland-gate