upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-22 01:56:00 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Add a regression test for the BRID/HHIT crash

Browse source 
Add two short records to example.com.db that cause assertion failures
when converted to wire form.

The checks added to tests.sh are technically not required: the relevant
assertion failures are already hit when the zone is transferred out of
ns1.

Update the relevant unit tests with 1-byte records.

Co-authored-by: Mark Andrews <marka@isc.org>
This commit is contained in:
Matthijs Mekking 2025-12-02 16:23:01 +01:00 committed by Michał Kępień
parent 3cae2e0cd5
commit ce1d68cbc5
No known key found for this signature in database
3 changed files with 29 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
bin/tests/system/auth/ns1/example.com.db
View file

@ -23,3 +23,6 @@ www CNAME server.example.net.
inzone CNAME a.example.com.
a A 10.53.0.1
dname DNAME @
brid BRID \# 2 0000
hhit HHIT \# 2 0000

17
bin/tests/system/auth/tests.sh
View file

@ -248,5 +248,22 @@ grep 'ns\.child\.example\.net\..300.IN.A.10\.53\.0\.1$' dig.out.test$n >/dev/nul
[ $ret -eq 0 ] || echo_i "failed"
status=$((status + ret))
# Regression tests for #5616 [CVE-2025-13878] BRID and HHIT assertion failure.
n=$((n + 1))
echo_i "check that BRID query does not trigger assertion failure ($n)"
ret=0
$DIG $DIGOPTS @10.53.0.1 brid.example.com BRID >dig.out.test$n
grep "BRID" dig.out.test$n >/dev/null || ret=1
[ $ret -eq 0 ] || echo_i "failed"
status=$((status + ret))
n=$((n + 1))
echo_i "check that HHIT query does not trigger assertion failure ($n)"
ret=0
$DIG $DIGOPTS @10.53.0.1 hhit.example.com HHIT >dig.out.test$n
grep "HHIT" dig.out.test$n >/dev/null || ret=1
[ $ret -eq 0 ] || echo_i "failed"
status=$((status + ret))
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1

10
tests/dns/rdata_test.c
View file

@ -1104,10 +1104,14 @@ ISC_RUN_TEST_IMPL(amtrelay) {
dns_rdatatype_amtrelay, sizeof(dns_rdata_amtrelay_t));
}
/* BRIB RDATA - base64 encoded opaque */
/* BRID RDATA - base64 encoded opaque */
ISC_RUN_TEST_IMPL(brid) {
text_ok_t text_ok[] = { /* empty */
TEXT_INVALID(""),
/* zero length */
TEXT_INVALID("\\# 0"),
/* valid base64 string - minimum size */
TEXT_VALID("AA=="),
/* valid base64 string */
TEXT_VALID("aaaa"),
/* invalid base64 string */
@ -2101,6 +2105,10 @@ ISC_RUN_TEST_IMPL(hip) {
ISC_RUN_TEST_IMPL(hhit) {
text_ok_t text_ok[] = { /* empty */
TEXT_INVALID(""),
/* zero length */
TEXT_INVALID("\\# 0"),
/* valid base64 string - minimum size */
TEXT_VALID("AA=="),
/* valid base64 string */
TEXT_VALID("aaaa"),
/* invalid base64 string */