Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- diff -Naur bind-9.8.1/CHANGES bind-9.8.1-P1/CHANGES
- --- bind-9.8.1/CHANGES 2011-08-24 05:17:30.000000000 +0200
- +++ bind-9.8.1-P1/CHANGES 2011-11-16 10:34:40.000000000 +0100
- @@ -1,3 +1,9 @@
- + --- 9.8.1-P1 released ---
- +
- +3218. [security] Cache lookup could return RRSIG data associated with
- + nonexistent records, leading to an assertion
- + failure. [RT #26590]
- +
- --- 9.8.1 released ---
- --- 9.8.1rc1 released ---
- diff -Naur bind-9.8.1/bin/named/query.c bind-9.8.1-P1/bin/named/query.c
- --- bind-9.8.1/bin/named/query.c 2011-06-09 05:14:03.000000000 +0200
- +++ bind-9.8.1-P1/bin/named/query.c 2011-11-16 10:32:08.000000000 +0100
- @@ -15,7 +15,7 @@
- * PERFORMANCE OF THIS SOFTWARE.
- */
- -/* $Id: query.c,v 1.353.8.11 2011-06-09 03:14:03 marka Exp $ */
- +/* $Id: query.c,v 1.353.8.11.4.1 2011-11-16 09:32:08 marka Exp $ */
- /*! \file */
- @@ -1393,11 +1393,9 @@
- goto addname;
- if (result == DNS_R_NCACHENXRRSET) {
- dns_rdataset_disassociate(rdataset);
- - /*
- - * Negative cache entries don't have sigrdatasets.
- - */
- - INSIST(sigrdataset == NULL ||
- - ! dns_rdataset_isassociated(sigrdataset));
- + if (sigrdataset != NULL &&
- + dns_rdataset_isassociated(sigrdataset))
- + dns_rdataset_disassociate(sigrdataset);
- }
- if (result == ISC_R_SUCCESS) {
- mname = NULL;
- @@ -1438,8 +1436,9 @@
- goto addname;
- if (result == DNS_R_NCACHENXRRSET) {
- dns_rdataset_disassociate(rdataset);
- - INSIST(sigrdataset == NULL ||
- - ! dns_rdataset_isassociated(sigrdataset));
- + if (sigrdataset != NULL &&
- + dns_rdataset_isassociated(sigrdataset))
- + dns_rdataset_disassociate(sigrdataset);
- }
- if (result == ISC_R_SUCCESS) {
- mname = NULL;
- @@ -1889,10 +1888,8 @@
- goto setcache;
- if (result == DNS_R_NCACHENXRRSET) {
- dns_rdataset_disassociate(rdataset);
- - /*
- - * Negative cache entries don't have sigrdatasets.
- - */
- - INSIST(! dns_rdataset_isassociated(sigrdataset));
- + if (dns_rdataset_isassociated(sigrdataset))
- + dns_rdataset_disassociate(sigrdataset);
- }
- if (result == ISC_R_SUCCESS) {
- /* Remember the result as a cache */
- diff -Naur bind-9.8.1/lib/dns/rbtdb.c bind-9.8.1-P1/lib/dns/rbtdb.c
- --- bind-9.8.1/lib/dns/rbtdb.c 2011-06-09 01:02:42.000000000 +0200
- +++ bind-9.8.1-P1/lib/dns/rbtdb.c 2011-11-16 10:32:08.000000000 +0100
- @@ -15,7 +15,7 @@
- * PERFORMANCE OF THIS SOFTWARE.
- */
- -/* $Id: rbtdb.c,v 1.310.8.5 2011-06-08 23:02:42 each Exp $ */
- +/* $Id: rbtdb.c,v 1.310.8.5.4.1 2011-11-16 09:32:08 marka Exp $ */
- /*! \file */
- @@ -5053,7 +5053,7 @@
- rdataset);
- if (need_headerupdate(found, search.now))
- update = found;
- - if (foundsig != NULL) {
- + if (!NEGATIVE(found) && foundsig != NULL) {
- bind_rdataset(search.rbtdb, node, foundsig, search.now,
- sigrdataset);
- if (need_headerupdate(foundsig, search.now))
- @@ -5685,7 +5685,7 @@
- }
- if (found != NULL) {
- bind_rdataset(rbtdb, rbtnode, found, now, rdataset);
- - if (foundsig != NULL)
- + if (!NEGATIVE(found) && foundsig != NULL)
- bind_rdataset(rbtdb, rbtnode, foundsig, now,
- sigrdataset);
- }
- diff -Naur bind-9.8.1/version bind-9.8.1-P1/version
- --- bind-9.8.1/version 2011-08-24 04:08:26.000000000 +0200
- +++ bind-9.8.1-P1/version 2011-11-16 10:32:07.000000000 +0100
- @@ -1,4 +1,4 @@
- -# $Id: version,v 1.53.8.9 2011-08-24 02:08:26 marka Exp $
- +# $Id: version,v 1.53.8.9.6.1 2011-11-16 09:32:07 marka Exp $
- #
- # This file must follow /bin/sh rules. It is imported directly via
- # configure.
- @@ -6,5 +6,5 @@
- MAJORVER=9
- MINORVER=8
- PATCHVER=1
- -RELEASETYPE=
- -RELEASEVER=
- +RELEASETYPE=-P
- +RELEASEVER=1
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement