mirror of
https://github.com/isc-projects/bind9.git
synced 2026-05-28 04:34:54 -04:00
Merge branch 'XX-dont-fetch-keys-when-fuzzing-v9_12' into 'v9_12'
Don't fetch DNSKEY when fuzzing resolver See merge request isc-projects/bind9!350
This commit is contained in:
Witold Krecicki
commit
3b191620bb
2 changed files with 20 additions and 7 deletions
|
|
@ -548,9 +548,9 @@ struct dns_resolver {
|
|||
#define NEGATIVE(r) (((r)->attributes & DNS_RDATASETATTR_NEGATIVE) != 0)
|
||||
|
||||
#ifdef ENABLE_AFL
|
||||
static isc_boolean_t fuzzing_resolver = ISC_FALSE;
|
||||
isc_boolean_t dns_fuzzing_resolver = ISC_FALSE;
|
||||
void dns_resolver_setfuzzing() {
|
||||
fuzzing_resolver = ISC_TRUE;
|
||||
dns_fuzzing_resolver = ISC_TRUE;
|
||||
}
|
||||
#endif
|
||||
|
||||
|
|
@ -2125,7 +2125,7 @@ add_bad_edns(fetchctx_t *fctx, isc_sockaddr_t *address) {
|
|||
isc_sockaddr_t *sa;
|
||||
|
||||
#ifdef ENABLE_AFL
|
||||
if (fuzzing_resolver)
|
||||
if (dns_fuzzing_resolver)
|
||||
return;
|
||||
#endif
|
||||
if (bad_edns(fctx, address))
|
||||
|
|
@ -3108,7 +3108,7 @@ mark_bad(fetchctx_t *fctx) {
|
|||
isc_boolean_t all_bad = ISC_TRUE;
|
||||
|
||||
#ifdef ENABLE_AFL
|
||||
if (fuzzing_resolver)
|
||||
if (dns_fuzzing_resolver)
|
||||
return ISC_FALSE;
|
||||
#endif
|
||||
|
||||
|
|
@ -3188,7 +3188,7 @@ add_bad(fetchctx_t *fctx, dns_adbaddrinfo_t *addrinfo, isc_result_t reason,
|
|||
isc_sockaddr_t *address = &addrinfo->sockaddr;
|
||||
|
||||
#ifdef ENABLE_AFL
|
||||
if (fuzzing_resolver)
|
||||
if (dns_fuzzing_resolver)
|
||||
return;
|
||||
#endif
|
||||
|
||||
|
|
@ -9161,7 +9161,7 @@ rctx_done(respctx_t *rctx, isc_result_t result) {
|
|||
}
|
||||
|
||||
#ifdef ENABLE_AFL
|
||||
if (fuzzing_resolver &&
|
||||
if (dns_fuzzing_resolver &&
|
||||
(rctx->next_server || rctx->resend || rctx->nextitem))
|
||||
{
|
||||
if (rctx->nextitem) {
|
||||
|
|
@ -10601,7 +10601,7 @@ dns_resolver_addbadcache(dns_resolver_t *resolver, const dns_name_t *name,
|
|||
dns_rdatatype_t type, isc_time_t *expire)
|
||||
{
|
||||
#ifdef ENABLE_AFL
|
||||
if (!fuzzing_resolver)
|
||||
if (!dns_fuzzing_resolver)
|
||||
#endif
|
||||
{
|
||||
dns_badcache_add(resolver->badcache, name, type,
|
||||
|
|
|
|||
|
|
@ -186,6 +186,10 @@ typedef struct dns_include dns_include_t;
|
|||
#define ZONEDB_UNLOCK(l, t) UNLOCK(l)
|
||||
#endif
|
||||
|
||||
#ifdef ENABLE_AFL
|
||||
extern isc_boolean_t dns_fuzzing_resolver;
|
||||
#endif
|
||||
|
||||
struct dns_zone {
|
||||
/* Unlocked */
|
||||
unsigned int magic;
|
||||
|
|
@ -9890,6 +9894,10 @@ zone_refreshkeys(dns_zone_t *zone) {
|
|||
* as the latter will have a lower trust level due to not being
|
||||
* validated until keyfetch_done() is called.
|
||||
*/
|
||||
|
||||
#ifdef ENABLE_AFL
|
||||
if (dns_fuzzing_resolver == ISC_FALSE) {
|
||||
#endif
|
||||
result = dns_resolver_createfetch(zone->view->resolver,
|
||||
kname, dns_rdatatype_dnskey,
|
||||
NULL, NULL, NULL,
|
||||
|
|
@ -9901,6 +9909,11 @@ zone_refreshkeys(dns_zone_t *zone) {
|
|||
&kfetch->dnskeyset,
|
||||
&kfetch->dnskeysigset,
|
||||
&kfetch->fetch);
|
||||
#ifdef ENABLE_AFL
|
||||
} else {
|
||||
result = ISC_R_FAILURE;
|
||||
}
|
||||
#endif
|
||||
if (result == ISC_R_SUCCESS)
|
||||
fetching = ISC_TRUE;
|
||||
else {
|
||||
|
|
|
|||
Loading…
Reference in a new issue