From 7c45caf6fe491731abed3a78e5ec6d4f6bc8e0e3 Mon Sep 17 00:00:00 2001
From: Mark Andrews
Date: Fri, 10 Apr 2026 13:07:26 +1000
Subject: [PATCH 1/2] Remove unnecessary dns_name_free call
When processing a catalog zone member's primaries definition and there is a TXT record containing an invalid name TSIG key name, dns_name_free was incorrectly called triggering an assertion. This has been fixed.
(cherry picked from commit 9f411c93c4d87b8097d39024da5a9da447cddaf7)
---
 lib/dns/catz.c | 1 -
 1 file changed, 1 deletion(-)
diff --git a/lib/dns/catz.c b/lib/dns/catz.c
index e81d4df0b3..fdc5eb879a 100644
--- a/lib/dns/catz.c
+++ b/lib/dns/catz.c
@@ -1469,7 +1469,6 @@ catz_process_primaries(dns_catz_zone_t *catz, dns_ipkeylist_t *ipkl,
 dns_rdata_freestruct(&rdata_txt);
 result = dns_name_fromstring(keyname, keycbuf, 0, mctx);
 if (result != ISC_R_SUCCESS) {
- dns_name_free(keyname, mctx);
 isc_mem_put(mctx, keyname, sizeof(*keyname));
 return result;
 }
From 298e60f877bdf0efe8e8f80c0bce5a22ba35e64e Mon Sep 17 00:00:00 2001
From: Mark Andrews
Date: Fri, 10 Apr 2026 13:05:31 +1000
Subject: [PATCH 2/2] Checking invalid TSIG key name in a catalog zone
(cherry picked from commit 213e59ccf56f4d66cf65f363be4563f2e853d12f)
---
 bin/tests/system/catz/ns1/catalog-bad6.example.db | 7 +++++++
 bin/tests/system/catz/ns1/named.conf.in | 10 ++++++++++
 bin/tests/system/catz/ns2/named1.conf.in | 10 ++++++++++
 bin/tests/system/catz/tests.sh | 6 ++++++
 4 files changed, 33 insertions(+)
 create mode 100644 bin/tests/system/catz/ns1/catalog-bad6.example.db
diff --git a/bin/tests/system/catz/ns1/catalog-bad6.example.db b/bin/tests/system/catz/ns1/catalog-bad6.example.db
new file mode 100644
index 0000000000..bc5ca70492
--- /dev/null
+++ b/bin/tests/system/catz/ns1/catalog-bad6.example.db
@@ -0,0 +1,7 @@ +@ 3600 SOA . . 1 86400 3600 86400 3600 +@ 3600 IN NS invalid. +version IN TXT "2" +deadbeef.zones IN PTR member.example. +mykey.primaries.ext.deadbeef.zones IN A 192.0.2.1 +; bad key name label too big +mykey.primaries.ext.deadbeef.zones IN TXT "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.example.com" diff --git a/bin/tests/system/catz/ns1/named.conf.in b/bin/tests/system/catz/ns1/named.conf.in index 1f4ee99337..89c461e92d 100644 --- a/bin/tests/system/catz/ns1/named.conf.in +++ b/bin/tests/system/catz/ns1/named.conf.in @@ -108,6 +108,16 @@ view "default" { notify explicit; }; + # Bad TSIG key name + zone "catalog-bad6.example" { + type primary; + file "catalog-bad6.example.db"; + allow-transfer { any; }; + allow-update { any; }; + also-notify { 10.53.0.2; }; + notify explicit; + }; + # A catalog zone that requires TLS to be used zone "catalog-tls.example" { type primary; diff --git a/bin/tests/system/catz/ns2/named1.conf.in b/bin/tests/system/catz/ns2/named1.conf.in index b13d912ad7..993edcfee4 100644 --- a/bin/tests/system/catz/ns2/named1.conf.in +++ b/bin/tests/system/catz/ns2/named1.conf.in @@ -67,6 +67,10 @@ view "default" { zone "catalog-bad4.example" default-masters { 10.53.0.1; } in-memory yes; + zone "catalog-bad6.example" + default-masters { 10.53.0.1; } + min-update-interval 1s + in-memory yes; }; # A faulty dlz configuration to check if named and catz survive a certain class @@ -155,6 +159,12 @@ view "default" { primaries { 10.53.0.1; }; }; + # Bad TSIG key name + zone "catalog-bad6.example" { + type secondary; + file "catalog-bad6.example.db"; + primaries { 10.53.0.1; }; + }; }; view "ch" ch { diff --git a/bin/tests/system/catz/tests.sh b/bin/tests/system/catz/tests.sh index 713db3b890..f8e7fbe500 100644 --- a/bin/tests/system/catz/tests.sh +++ b/bin/tests/system/catz/tests.sh 
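Review bot: The fixture comment `; bad key name label too big` in catalog-bad6.example.db does not say which limit the TXT value is meant to break, so a later edit that shortens the string could silently stop the test from reaching the error path fixed in catz.c. The first label appears to be longer than the 63-octet DNS label limit, which matches the `(label too long)` text the test waits for. If that is the intent, state it in the comment, e.g. `; TSIG key name whose first label exceeds the 63-octet label limit; must be rejected without aborting named`.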
@@ -126,6 +126,12 @@ grep -F "catz: dns_catz_add_zone catalog-bad5.example" ns2/named.run && ret=1 if [ $ret -ne 0 ]; then echo_i "failed"; fi status=$((status + ret)) +echo_i "checking that catalog-bad6.example (invalid TSIG key name) is handled ($n)" +ret=0 +wait_for_message ns2/named.run "catz: invalid record in catalog zone - mykey.primaries.ext.deadbeef.zones.catalog-bad6.example IN TXT (label too long) - ignoring" || ret=1 +if [ $ret -ne 0 ]; then echo_i "failed"; fi +status=$((status + ret)) + nextpart ns2/named.run >/dev/null ##########################################################################
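Review bot: The new catalog-bad6 check prints `($n)` in its `echo_i` line, but none of the added lines advance the counter, so it would report the same check number as the catalog-bad5 check above it. Assuming the neighbouring checks bump the counter before announcing themselves (their opening lines are outside this hunk), add `n=$((n + 1))` immediately before the `echo_i`. Because the original fault was an assertion failure, the `- ignoring` log line is the only evidence here that named survived the record; a short comment such as `# named must log and ignore the bad key name rather than abort` would make that intent explicit.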