Date: Thu, 17 Nov 2011 01:02:33 +0000 (UTC) From: Doug Barton <dougb@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org Subject: svn commit: r227600 - in vendor/bind9/dist-9.4: . bin/named lib/dns Message-ID: <201111170102.pAH12Xwq074708@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: dougb Date: Thu Nov 17 01:02:33 2011 New Revision: 227600 URL: http://svn.freebsd.org/changeset/base/227600 Log: Vendor import of BIND 9.4-ESV-R5-P1 Modified: vendor/bind9/dist-9.4/CHANGES vendor/bind9/dist-9.4/bin/named/query.c vendor/bind9/dist-9.4/lib/dns/rbtdb.c vendor/bind9/dist-9.4/version Modified: vendor/bind9/dist-9.4/CHANGES ============================================================================== --- vendor/bind9/dist-9.4/CHANGES Thu Nov 17 00:36:10 2011 (r227599) +++ vendor/bind9/dist-9.4/CHANGES Thu Nov 17 01:02:33 2011 (r227600) @@ -1,3 +1,9 @@ + --- 9.4-ESV-R5-P1 released --- + +3218. [security] Cache lookup could return RRSIG data associated with + nonexistent records, leading to an assertion + failure. [RT #26590] + --- 9.4-ESV-R5 released --- 3135. [port] FreeBSD: workaround broken IPV6_USE_MIN_MTU processing. Modified: vendor/bind9/dist-9.4/bin/named/query.c ============================================================================== --- vendor/bind9/dist-9.4/bin/named/query.c Thu Nov 17 00:36:10 2011 (r227599) +++ vendor/bind9/dist-9.4/bin/named/query.c Thu Nov 17 01:02:33 2011 (r227600) @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: query.c,v 1.257.18.56 2010-11-17 10:21:01 marka Exp $ */ +/* $Id: query.c,v 1.257.18.56.12.1 2011-11-16 09:33:40 each Exp $ */ /*! \file */ @@ -1251,11 +1251,9 @@ query_addadditional(void *arg, dns_name_ goto addname; if (result == DNS_R_NCACHENXRRSET) { dns_rdataset_disassociate(rdataset); - /* - * Negative cache entries don't have sigrdatasets. - */ - INSIST(sigrdataset == NULL || - ! dns_rdataset_isassociated(sigrdataset)); + if (sigrdataset != NULL && + dns_rdataset_isassociated(sigrdataset)) + dns_rdataset_disassociate(sigrdataset); } if (result == ISC_R_SUCCESS) { mname = NULL; @@ -1296,8 +1294,9 @@ query_addadditional(void *arg, dns_name_ goto addname; if (result == DNS_R_NCACHENXRRSET) { dns_rdataset_disassociate(rdataset); - INSIST(sigrdataset == NULL || - ! dns_rdataset_isassociated(sigrdataset)); + if (sigrdataset != NULL && + dns_rdataset_isassociated(sigrdataset)) + dns_rdataset_disassociate(sigrdataset); } if (result == ISC_R_SUCCESS) { mname = NULL; @@ -1746,10 +1745,8 @@ query_addadditional2(void *arg, dns_name goto setcache; if (result == DNS_R_NCACHENXRRSET) { dns_rdataset_disassociate(rdataset); - /* - * Negative cache entries don't have sigrdatasets. - */ - INSIST(! dns_rdataset_isassociated(sigrdataset)); + if (dns_rdataset_isassociated(sigrdataset)) + dns_rdataset_disassociate(sigrdataset); } if (result == ISC_R_SUCCESS) { /* Remember the result as a cache */ Modified: vendor/bind9/dist-9.4/lib/dns/rbtdb.c ============================================================================== --- vendor/bind9/dist-9.4/lib/dns/rbtdb.c Thu Nov 17 00:36:10 2011 (r227599) +++ vendor/bind9/dist-9.4/lib/dns/rbtdb.c Thu Nov 17 01:02:33 2011 (r227600) @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rbtdb.c,v 1.196.18.67 2011-06-09 00:42:47 each Exp $ */ +/* $Id: rbtdb.c,v 1.196.18.67.2.1 2011-11-16 09:33:41 each Exp $ */ /*! \file */ @@ -3672,7 +3672,7 @@ cache_find(dns_db_t *db, dns_name_t *nam result == DNS_R_NCACHENXRRSET) { bind_rdataset(search.rbtdb, node, found, search.now, rdataset); - if (foundsig != NULL) + if (!NEGATIVE(found) && foundsig != NULL) bind_rdataset(search.rbtdb, node, foundsig, search.now, sigrdataset); } @@ -4258,7 +4258,7 @@ cache_findrdataset(dns_db_t *db, dns_dbn } if (found != NULL) { bind_rdataset(rbtdb, rbtnode, found, now, rdataset); - if (foundsig != NULL) + if (!NEGATIVE(found) && foundsig != NULL) bind_rdataset(rbtdb, rbtnode, foundsig, now, sigrdataset); } Modified: vendor/bind9/dist-9.4/version ============================================================================== --- vendor/bind9/dist-9.4/version Thu Nov 17 00:36:10 2011 (r227599) +++ vendor/bind9/dist-9.4/version Thu Nov 17 01:02:33 2011 (r227600) @@ -1,4 +1,4 @@ -# $Id: version,v 1.29.134.35 2011-07-21 02:11:00 marka Exp $ +# $Id: version,v 1.29.134.35.2.1 2011-11-16 09:33:40 each Exp $ # # This file must follow /bin/sh rules. It is imported directly via # configure. @@ -7,4 +7,4 @@ MAJORVER=9 MINORVER=4 PATCHVER= RELEASETYPE=-ESV -RELEASEVER=-R5 +RELEASEVER=-R5-P1
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201111170102.pAH12Xwq074708>