fix a message parsing regression

the fix for CVE-2023-4408 introduced a regression in the message
parser, which could cause a crash if duplicate rdatasets were found
in the question section. this commit ensures that rdatasets are
correctly disassociated and freed when this occurs.

(cherry picked from commit 4c19d35614)
Evan Hunt 2024-01-16 15:58:53 -08:00 committed by Michał Kępień
parent b626567984
commit 6d70ccd128

@ -1164,7 +1164,9 @@ getquestions(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t *dctx,
cleanup:
if (rdataset != NULL) {
INSIST(!dns_rdataset_isassociated(rdataset));
if (dns_rdataset_isassociated(rdataset)) {
dns_rdataset_disassociate(rdataset);
}
isc_mempool_put(msg->rdspool, rdataset);
}
if (free_name) {
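
Review bot: The new `if (dns_rdataset_isassociated(rdataset))` branch in the `cleanup:` block of `getquestions()` has no comment saying which path can arrive here with the rdataset still associated. The commit message names the case (duplicate rdatasets in the question section), so a one-line comment above the branch would stop a later reader from restoring the `INSIST(!dns_rdataset_isassociated(rdataset))` as an invariant. No test is visible in this hunk either; a regression test that parses a message carrying duplicate question rdatasets and checks that parsing fails cleanly, with the rdataset returned to `msg->rdspool`, would pin the behaviour down.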