From ee7ee1c4f706d6e6fbad4cfa31876295b73d7a94 Mon Sep 17 00:00:00 2001 From: Mukund Sivaraman Date: Fri, 14 Aug 2015 12:57:05 +0530 Subject: [PATCH] Fix assertion failure in parsing NSAP records from text (cherry picked from commit 474921d733e9592ab93b3905907f2dcb393e12c9) (cherry picked from commit 92501735109c3e59ff86606a5ce6a1ab6f6c04bc) --- CHANGES | 3 +++ .../system/checkzone/zones/bad-nsap-empty.db | 21 +++++++++++++++++++ .../checkzone/zones/bad-nsap-odd-nibble.db | 21 +++++++++++++++++++ bin/tests/system/checkzone/zones/good-nsap.db | 21 +++++++++++++++++++ lib/dns/rdata/in_1/nsap_22.c | 8 ++++--- 5 files changed, 71 insertions(+), 3 deletions(-) create mode 100644 bin/tests/system/checkzone/zones/bad-nsap-empty.db create mode 100644 bin/tests/system/checkzone/zones/bad-nsap-odd-nibble.db create mode 100644 bin/tests/system/checkzone/zones/good-nsap.db diff --git a/CHANGES b/CHANGES index 24728f8060..2ded011f20 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,6 @@ +4177. [bug] Fix assertion failure in parsing NSAP records from + text. [RT #40285] + 4176. [bug] Address race issues with lwresd. [RT #40284] 4175. [bug] TKEY with GSS-API keys needed bigger buffers. diff --git a/bin/tests/system/checkzone/zones/bad-nsap-empty.db b/bin/tests/system/checkzone/zones/bad-nsap-empty.db new file mode 100644 index 0000000000..b867af92ec --- /dev/null +++ b/bin/tests/system/checkzone/zones/bad-nsap-empty.db @@ -0,0 +1,21 @@ +; Copyright (C) 2015 Internet Systems Consortium, Inc. ("ISC") +; +; Permission to use, copy, modify, and/or distribute this software for any +; purpose with or without fee is hereby granted, provided that the above +; copyright notice and this permission notice appear in all copies. +; +; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +; PERFORMANCE OF THIS SOFTWARE. + +$TTL 600 +@ SOA ns hostmaster 2011012708 3600 1200 604800 1200 + NS ns +ns A 192.0.2.1 + +; NSAP with an odd number of hex digits +example NSAP 0x47000580005a0000000001e133ffffff000161000 diff --git a/bin/tests/system/checkzone/zones/bad-nsap-odd-nibble.db b/bin/tests/system/checkzone/zones/bad-nsap-odd-nibble.db new file mode 100644 index 0000000000..6f2663a6d0 --- /dev/null +++ b/bin/tests/system/checkzone/zones/bad-nsap-odd-nibble.db @@ -0,0 +1,21 @@ +; Copyright (C) 2015 Internet Systems Consortium, Inc. ("ISC") +; +; Permission to use, copy, modify, and/or distribute this software for any +; purpose with or without fee is hereby granted, provided that the above +; copyright notice and this permission notice appear in all copies. +; +; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +; PERFORMANCE OF THIS SOFTWARE. + +$TTL 600 +@ SOA ns hostmaster 2011012708 3600 1200 604800 1200 + NS ns +ns A 192.0.2.1 + +; empty NSAP address +example NSAP 0x diff --git a/bin/tests/system/checkzone/zones/good-nsap.db b/bin/tests/system/checkzone/zones/good-nsap.db new file mode 100644 index 0000000000..615b271c50 --- /dev/null +++ b/bin/tests/system/checkzone/zones/good-nsap.db @@ -0,0 +1,21 @@ +; Copyright (C) 2015 Internet Systems Consortium, Inc. ("ISC") +; +; Permission to use, copy, modify, and/or distribute this software for any +; purpose with or without fee is hereby granted, provided that the above +; copyright notice and this permission notice appear in all copies. +; +; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +; PERFORMANCE OF THIS SOFTWARE. + +$TTL 600 +@ SOA ns hostmaster 2011012708 3600 1200 604800 1200 + NS ns +ns A 192.0.2.1 + +; empty NSAP address +example NSAP 0x47.0005.80.005a00.0000....0001.e133.ffffff000162.00 diff --git a/lib/dns/rdata/in_1/nsap_22.c b/lib/dns/rdata/in_1/nsap_22.c index 66129fe0fd..6eecdc32b1 100644 --- a/lib/dns/rdata/in_1/nsap_22.c +++ b/lib/dns/rdata/in_1/nsap_22.c @@ -31,7 +31,8 @@ fromtext_in_nsap(ARGS_FROMTEXT) { isc_token_t token; isc_textregion_t *sr; int n; - int digits; + isc_boolean_t valid = ISC_FALSE; + int digits = 0; unsigned char c = 0; REQUIRE(type == 22); @@ -52,7 +53,6 @@ fromtext_in_nsap(ARGS_FROMTEXT) { if (sr->base[0] != '0' || (sr->base[1] != 'x' && sr->base[1] != 'X')) RETTOK(DNS_R_SYNTAX); isc_textregion_consume(sr, 2); - digits = 0; while (sr->length > 0) { if (sr->base[0] == '.') { isc_textregion_consume(sr, 1); @@ -64,11 +64,13 @@ fromtext_in_nsap(ARGS_FROMTEXT) { c += n; if (++digits == 2) { RETERR(mem_tobuffer(target, &c, 1)); + valid = ISC_TRUE; digits = 0; + c = 0; } isc_textregion_consume(sr, 1); } - if (digits) + if (digits != 0 || !valid) RETTOK(ISC_R_UNEXPECTEDEND); return (ISC_R_SUCCESS); }