upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-28 04:34:54 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Only update foundname if returning DNS_R_COVERINGNSEC

Browse source 
'setup_delegation' depends on 'foundname' being the value returned
by 'dns_rbt_findnode' in the cache and 'find_coveringnsec' was
modifying 'foundname' when a covering NSEC was not found.
This commit is contained in:
Mark Andrews 2022-02-16 19:20:25 +11:00 committed by Michał Kępień
parent a64496ef02
commit 1d32fbcd34
1 changed files with 16 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
lib/dns/rbtdb.c
View file

@ -4760,24 +4760,28 @@ find_deepest_zonecut(rbtdb_search_t *search, dns_rbtnode_t *node,
/*
* Look for a potentially covering NSEC in the cache where `name`
* is known to not exist. This uses the auxiliary NSEC tree to find
* the potential NSEC owner.
* is known not to exist. This uses the auxiliary NSEC tree to find
* the potential NSEC owner. If found, we update 'foundname', 'nodep',
* 'rdataset' and 'sigrdataset', and return DNS_R_COVERINGNSEC.
* Otherwise, return ISC_R_NOTFOUND.
*/
static isc_result_t
find_coveringnsec(rbtdb_search_t *search, const dns_name_t *name,
dns_dbnode_t **nodep, isc_stdtime_t now,
dns_name_t *foundname, dns_rdataset_t *rdataset,
dns_rdataset_t *sigrdataset) {
dns_fixedname_t fprefix, forigin, ftarget;
dns_name_t *prefix, *origin, *target;
dns_fixedname_t fprefix, forigin, ftarget, fixed;
dns_name_t *prefix = NULL, *origin = NULL;
dns_name_t *target = NULL, *fname = NULL;
dns_rbtnode_t *node = NULL;
dns_rbtnodechain_t chain;
isc_result_t result;
isc_rwlocktype_t locktype;
nodelock_t *lock;
nodelock_t *lock = NULL;
rbtdb_rdatatype_t matchtype, sigmatchtype;
rdatasetheader_t *found, *foundsig;
rdatasetheader_t *header, *header_next, *header_prev;
rdatasetheader_t *found = NULL, *foundsig = NULL;
rdatasetheader_t *header = NULL;
rdatasetheader_t *header_next = NULL, *header_prev = NULL;
/*
* Look for the node in the auxilary tree.
@ -4794,6 +4798,7 @@ find_coveringnsec(rbtdb_search_t *search, const dns_name_t *name,
prefix = dns_fixedname_initname(&fprefix);
origin = dns_fixedname_initname(&forigin);
target = dns_fixedname_initname(&ftarget);
fname = dns_fixedname_initname(&fixed);
locktype = isc_rwlocktype_read;
matchtype = RBTDB_RDATATYPE_VALUE(dns_rdatatype_nsec, 0);
@ -4818,16 +4823,12 @@ find_coveringnsec(rbtdb_search_t *search, const dns_name_t *name,
* Lookup the predecessor in the main tree.
*/
node = NULL;
result = dns_rbt_findnode(search->rbtdb->tree, target, foundname, &node,
result = dns_rbt_findnode(search->rbtdb->tree, target, fname, &node,
NULL, DNS_RBTFIND_EMPTYDATA, NULL, NULL);
if (result != ISC_R_SUCCESS) {
return (ISC_R_NOTFOUND);
}
found = NULL;
foundsig = NULL;
header_prev = NULL;
lock = &(search->rbtdb->node_locks[node->locknum].lock);
NODE_LOCK(lock, locktype);
for (header = node->data; header != NULL; header = header_next) {
@ -4862,6 +4863,9 @@ find_coveringnsec(rbtdb_search_t *search, const dns_name_t *name,
locktype, sigrdataset);
}
new_reference(search->rbtdb, node, locktype);
dns_name_copy(fname, foundname);
*nodep = node;
result = DNS_R_COVERINGNSEC;
} else {