mirror of
https://github.com/isc-projects/bind9.git
synced 2026-04-29 18:09:11 -04:00
3488. [bug] Use after free error with DH generated keys. [RT #32649]
This commit is contained in:
Mark Andrews
parent
32dc577940
commit
3c7df84b20
4 changed files with 20 additions and 5 deletions
2
CHANGES
2
CHANGES
|
|
@ -1,3 +1,5 @@
|
|||
3488. [bug] Use after free error with DH generated keys. [RT #32649]
|
||||
|
||||
3487. [bug] Change 3444 was not complete. There was a additional
|
||||
place where the NOQNAME proof needed to be saved.
|
||||
[RT #32629]
|
||||
|
|
|
|||
|
|
@ -31,6 +31,7 @@ ret=0
|
|||
dhkeyname=`$KEYGEN -T KEY -a DH -b 768 -n host -r $RANDFILE client` || ret=1
|
||||
if [ $ret != 0 ]; then
|
||||
echo "I:failed"
|
||||
status=`expr $status + $ret`
|
||||
echo "I:exit status: $status"
|
||||
exit $status
|
||||
fi
|
||||
|
|
@ -43,6 +44,7 @@ do
|
|||
keyname=`./keycreate $dhkeyname $owner` || ret=1
|
||||
if [ $ret != 0 ]; then
|
||||
echo "I:failed"
|
||||
status=`expr $status + $ret`
|
||||
echo "I:exit status: $status"
|
||||
exit $status
|
||||
fi
|
||||
|
|
@ -84,6 +86,7 @@ ret=0
|
|||
keyname=`./keycreate $dhkeyname bar.example.` || ret=1
|
||||
if [ $ret != 0 ]; then
|
||||
echo "I:failed"
|
||||
status=`expr $status + $ret`
|
||||
echo "I:exit status: $status"
|
||||
exit $status
|
||||
fi
|
||||
|
|
@ -124,6 +127,7 @@ ret=0
|
|||
keyname=`./keycreate $dhkeyname bar.example.` || ret=1
|
||||
if [ $ret != 0 ]; then
|
||||
echo "I:failed"
|
||||
status=`expr $status + $ret`
|
||||
echo "I:exit status: $status"
|
||||
exit $status
|
||||
fi
|
||||
|
|
|
|||
|
|
@ -991,8 +991,13 @@ dns_tkey_builddhquery(dns_message_t *msg, dst_key_t *key, dns_name_t *name,
|
|||
|
||||
ISC_LIST_INIT(namelist);
|
||||
RETERR(add_rdata_to_list(msg, &keyname, rdata, 0, &namelist));
|
||||
dns_message_addname(msg, ISC_LIST_HEAD(namelist),
|
||||
DNS_SECTION_ADDITIONAL);
|
||||
name = ISC_LIST_HEAD(namelist);
|
||||
while (name != NULL) {
|
||||
dns_name_t *next = ISC_LIST_NEXT(name, link);
|
||||
ISC_LIST_UNLINK(namelist, name, link);
|
||||
dns_message_addname(msg, name, DNS_SECTION_ADDITIONAL);
|
||||
name = next;
|
||||
}
|
||||
|
||||
return (ISC_R_SUCCESS);
|
||||
|
||||
|
|
|
|||
|
|
@ -240,7 +240,7 @@ adjust_lru(dns_tsigkey_t *tkey) {
|
|||
* removing the read lock and aquiring the write lock.
|
||||
*/
|
||||
if (ISC_LINK_LINKED(tkey, link) &&
|
||||
(tkey->ring->lru).head != tkey)
|
||||
tkey->ring->lru.tail != tkey)
|
||||
{
|
||||
ISC_LIST_UNLINK(tkey->ring->lru, tkey, link);
|
||||
ISC_LIST_APPEND(tkey->ring->lru, tkey, link);
|
||||
|
|
@ -1768,11 +1768,15 @@ static void
|
|||
free_tsignode(void *node, void *_unused) {
|
||||
dns_tsigkey_t *key;
|
||||
|
||||
UNUSED(_unused);
|
||||
|
||||
REQUIRE(node != NULL);
|
||||
|
||||
UNUSED(_unused);
|
||||
|
||||
key = node;
|
||||
if (key->generated) {
|
||||
if (ISC_LINK_LINKED(key, link))
|
||||
ISC_LIST_UNLINK(key->ring->lru, key, link);
|
||||
}
|
||||
dns_tsigkey_detach(&key);
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue