diff --git a/CHANGES b/CHANGES index f8993cbdd4..03799b2686 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,12 @@ -2439. [bug] Potential NULL dereference in dns_acl_isanyornone(). - [RT #18559] - +2441. [bug] isc_radix_insert() could copy radix tree nodes + incompletely. [RT #18573] + +2440. [bug] named-checkconf used an incorrect test to determine + if an ACL was set to none. + +2439. [bug] Potential NULL dereference in dns_acl_isanyornone(). + [RT #18559] + 2438. [bug] Timeouts could be logged incorrectly under win32. 2437. [bug] Sockets could be closed too early, leading to @@ -50,7 +56,7 @@ epoll and /dev/poll to be selected at compile time. [RT #18277] -2423. [security] Randomize server selection on queries, so as to +2423. [security] Randomize server selection on queries, so as to make forgery a little more difficult. Instead of always preferring the server with the lowest RTT, pick a server with RTT within the same 128 diff --git a/lib/bind9/check.c b/lib/bind9/check.c index d4f2192228..f067e530cd 100644 --- a/lib/bind9/check.c +++ b/lib/bind9/check.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: check.c,v 1.92 2008/04/23 21:32:01 each Exp $ */ +/* $Id: check.c,v 1.93 2008/09/12 06:02:31 each Exp $ */ /*! \file */ @@ -476,10 +476,7 @@ check_recursionacls(cfg_aclconfctx_t *actx, const cfg_obj_t *voptions, if (acl == NULL) continue; - if (recursion == ISC_FALSE && - (acl->length != 1 || - acl->elements[0].type != dns_aclelementtype_any || - acl->elements[0].negative != ISC_TRUE)) { + if (recursion == ISC_FALSE && !dns_acl_isnone(acl)) { cfg_obj_log(aclobj, logctx, ISC_LOG_WARNING, "both \"recursion no;\" and " "\"%s\" active%s%s", diff --git a/lib/isc/radix.c b/lib/isc/radix.c index 95f8f54e8f..0ebd2daaab 100644 --- a/lib/isc/radix.c +++ b/lib/isc/radix.c @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: radix.c,v 1.15 2008/07/15 00:21:16 marka Exp $ */ +/* $Id: radix.c,v 1.16 2008/09/12 06:02:31 each Exp $ */ /* * This source was adapted from MRT's RCS Ids: @@ -417,22 +417,49 @@ isc_radix_insert(isc_radix_tree_t *radix, isc_radix_node_t **target, if (differ_bit == bitlen && node->bit == bitlen) { if (node->prefix != NULL) { /* Set node_num only if it hasn't been set before */ - if (node->node_num[ISC_IS6(family)] == -1) - node->node_num[ISC_IS6(family)] = - ++radix->num_added_node; + if (source != NULL) { + /* Merging node */ + if (node->node_num[0] == -1 && + source->node_num[0] != -1) { + node->node_num[0] = + radix->num_added_node + + source->node_num[0]; + node->data[0] = source->data[0]; + } + if (node->node_num[1] == -1 && + source->node_num[0] != -1) { + node->node_num[1] = + radix->num_added_node + + source->node_num[1]; + node->data[1] = source->data[1]; + } + } else { + if (node->node_num[ISC_IS6(family)] == -1) + node->node_num[ISC_IS6(family)] = + ++radix->num_added_node; + } *target = node; return (ISC_R_SUCCESS); - } - result = _ref_prefix(radix->mctx, &node->prefix, prefix); - if (result != ISC_R_SUCCESS) - return (result); + } else { + result = + _ref_prefix(radix->mctx, &node->prefix, prefix); + if (result != ISC_R_SUCCESS) + return (result); + } INSIST(node->data[0] == NULL && node->node_num[0] == -1 && node->data[1] == NULL && node->node_num[1] == -1); if (source != NULL) { /* Merging node */ - node->node_num[ISC_IS6(family)] = - radix->num_added_node + - source->node_num[ISC_IS6(family)]; + if (source->node_num[0] != -1) { + node->node_num[0] = radix->num_added_node + + source->node_num[0]; + node->data[0] = source->data[0]; + } + if (source->node_num[1] != -1) { + node->node_num[1] = radix->num_added_node + + source->node_num[1]; + node->data[1] = source->data[1]; + } } else { node->node_num[ISC_IS6(family)] = ++radix->num_added_node;