upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-26 03:12:16 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

RPZ canonical warning displays zone entry incorrectly

Browse source 
Do not insert a NUL into ip_str too early as the full value
is needed later.  Only insert the NUL immediately before
displaying just the prefix string.

(cherry picked from commit 283da99f02)
This commit is contained in:
Mark Andrews 2025-08-25 10:32:36 +10:00
parent ec484f6727
commit 6440743bdc
1 changed files with 5 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
lib/dns/rpz.c
View file

@ -868,7 +868,7 @@ name2ipkey(int log_level, dns_rpz_zone_t *rpz, dns_rpz_type_t rpz_type,
dns_fixedname_t ip_name2f;
dns_name_t ip_name;
const char *prefix_str = NULL, *cp = NULL, *end = NULL;
char *cp2;
char *prefix_end, *cp2;
int ip_labels;
dns_rpz_prefix_t prefix;
unsigned long prefix_num, l;
@ -906,12 +906,9 @@ name2ipkey(int log_level, dns_rpz_zone_t *rpz, dns_rpz_type_t rpz_type,
"");
return ISC_R_FAILURE;
}
/*
* Patch in trailing nul character to print just the length
* label (for various cases below).
*/
*cp2 = '\0';
prefix_end = cp2;
if (prefix_num < 1U || prefix_num > 128U) {
*prefix_end = '\0';
badname(log_level, src_name, "; invalid prefix length of ",
prefix_str);
return ISC_R_FAILURE;
@ -924,6 +921,7 @@ name2ipkey(int log_level, dns_rpz_zone_t *rpz, dns_rpz_type_t rpz_type,
* from the form "prefix.z.y.x.w"
*/
if (prefix_num > 32U) {
*prefix_end = '\0';
badname(log_level, src_name,
"; invalid IPv4 prefix length of ", prefix_str);
return ISC_R_FAILURE;
@ -1002,6 +1000,7 @@ name2ipkey(int log_level, dns_rpz_zone_t *rpz, dns_rpz_type_t rpz_type,
i = prefix % DNS_RPZ_CIDR_WORD_BITS;
aword = tgt_ip->w[prefix / DNS_RPZ_CIDR_WORD_BITS];
if ((aword & ~DNS_RPZ_WORD_MASK(i)) != 0) {
*prefix_end = '\0';
badname(log_level, src_name,
"; too small prefix length of ", prefix_str);
return ISC_R_FAILURE;