upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-22 01:56:00 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
bind9/tests/isc
History
Ondřej Surý 6082274450 Stop isc_file_safecreate from following symlinks 
The function existence-checked the target with stat() and then opened
the same path without O_NOFOLLOW, so a symlink at the target path
passed the regular-file test against the link's destination and the
open() that followed truncated and wrote through the link.
rndc-confgen -a is typically run as root and writes the keyfile under
a directory that service accounts may have write access to, so a stray
symlink there would silently redirect the truncate, fchown, and
overwrite to whatever file the link pointed at.

Switch the existence check to lstat() and use S_ISREG() so a symlink's
S_IFLNK mode is detected directly (a plain bitmask of S_IFREG matches
both, since S_IFLNK shares its high bit). Add O_NOFOLLOW to both
open() flag sets to close the lstat/open TOCTOU window. Hardening
against unexpected symlinks on intermediate path components is out of
scope.

Assisted-by: Claude:claude-opus-4-7
2026-04-29 16:56:25 +02:00
..
testdata/file Move all the unit tests to /tests/<libname>/ 2022-05-28 14:53:02 -07:00
ascii_test.c Move the library init and shutdown to executables 2025-02-22 16:19:00 +01:00
async_test.c Change the loopmgr to be singleton 2025-07-23 22:44:16 +02:00
buffer_test.c Add and use global memory context called isc_g_mctx 2025-08-04 11:29:26 +02:00
counter_test.c Add and use global memory context called isc_g_mctx 2025-08-04 11:29:26 +02:00
dnsstream_utils_test.c Add and use global memory context called isc_g_mctx 2025-08-04 11:29:26 +02:00
dnsstream_utils_test_data.h Add a set of unit tests for dnsbuffer_t and dnsstream_assembler_t 2022-12-20 21:24:45 +02:00
doh_test.c Add and use global memory context called isc_g_mctx 2025-08-04 11:29:26 +02:00
errno_test.c Move the library init and shutdown to executables 2025-02-22 16:19:00 +01:00
file_test.c Stop isc_file_safecreate from following symlinks 2026-04-29 16:56:25 +02:00
hash_test.c Move the library init and shutdown to executables 2025-02-22 16:19:00 +01:00
hashmap_nodes.h Reduce the size of hashmap_nodes.h file 2024-08-15 10:05:32 +02:00
hashmap_test.c Add and use global memory context called isc_g_mctx 2025-08-04 11:29:26 +02:00
heap_test.c Add and use global memory context called isc_g_mctx 2025-08-04 11:29:26 +02:00
histo_test.c Support compilation with cmocka 2.0.0+ 2026-01-07 10:38:45 +01:00
hmac_test.c Separate isc_hmac between pre and post OpenSSL 3.0 2026-02-02 11:50:14 +03:00
ht_test.c Add and use global memory context called isc_g_mctx 2025-08-04 11:29:26 +02:00
job_test.c Add and use global memory context called isc_g_mctx 2025-08-04 11:29:26 +02:00
lex_test.c Add and use global memory context called isc_g_mctx 2025-08-04 11:29:26 +02:00
loop_test.c Fix one-definition-rule violation in the loop unit test 2025-07-24 17:34:11 +02:00
md_test.c switch isc_md_type_t to a proper enum 2026-02-02 11:12:55 +03:00
mem_test.c Support compilation with cmocka 2.0.0+ 2026-01-07 10:38:45 +01:00
meson.build Actually retry the flaky unit tests 2026-04-13 11:01:05 +02:00
mutex_test.c ISC_RUN_TEST_IMPL should use a static declaration 2026-01-28 07:26:04 +11:00
netaddr_test.c IPv6 case to isc_netaddr_masktoprefixlen tests 2025-03-26 13:56:53 +01:00
netmgr_common.c Add and use global memory context called isc_g_mctx 2025-08-04 11:29:26 +02:00
netmgr_common.h Refactor the network manager to be a singleton 2025-07-23 22:45:38 +02:00
parse_test.c Move the library init and shutdown to executables 2025-02-22 16:19:00 +01:00
proxyheader_test.c Add and use global memory context called isc_g_mctx 2025-08-04 11:29:26 +02:00
proxyheader_test_data.h Add PROXY header handling unit test suite 2023-12-06 15:15:24 +02:00
proxystream_test.c Move the library init and shutdown to executables 2025-02-22 16:19:00 +01:00
proxyudp_test.c Move the library init and shutdown to executables 2025-02-22 16:19:00 +01:00
quota_test.c Add support for setting thread stack size 2025-08-05 10:46:09 +02:00
radix_test.c Add and use global memory context called isc_g_mctx 2025-08-04 11:29:26 +02:00
ratelimiter_test.c Add and use global memory context called isc_g_mctx 2025-08-04 11:29:26 +02:00
regex_test.c Move the library init and shutdown to executables 2025-02-22 16:19:00 +01:00
result_test.c Move the library init and shutdown to executables 2025-02-22 16:19:00 +01:00
rwlock_test.c ISC_RUN_TEST_IMPL should use a static declaration 2026-01-28 07:26:04 +11:00
safe_test.c Move the library init and shutdown to executables 2025-02-22 16:19:00 +01:00
siphash_test.c Move the library init and shutdown to executables 2025-02-22 16:19:00 +01:00
sockaddr_test.c Move the library init and shutdown to executables 2025-02-22 16:19:00 +01:00
spinlock_test.c ISC_RUN_TEST_IMPL should use a static declaration 2026-01-28 07:26:04 +11:00
stats_test.c Add low contention stats counter 2026-03-26 10:19:25 +01:00
stream_shutdown.c Change the loopmgr to be singleton 2025-07-23 22:44:16 +02:00
symtab_test.c Add and use global memory context called isc_g_mctx 2025-08-04 11:29:26 +02:00
tcp_test.c Move the library init and shutdown to executables 2025-02-22 16:19:00 +01:00
tcpdns_test.c Refactor the network manager to be a singleton 2025-07-23 22:45:38 +02:00
time_test.c Move the library init and shutdown to executables 2025-02-22 16:19:00 +01:00
timer_test.c Change the loopmgr to be singleton 2025-07-23 22:44:16 +02:00
tls_test.c Move the library init and shutdown to executables 2025-02-22 16:19:00 +01:00
tlsdns_test.c Refactor the network manager to be a singleton 2025-07-23 22:45:38 +02:00
udp_test.c Refactor the network manager to be a singleton 2025-07-23 22:45:38 +02:00
uv_wrap.h Remove redundant parentheses from the return statement 2024-11-19 12:27:22 +01:00
work_test.c Enforce isc_work enqueue loop affinity 2026-03-14 06:32:50 +01:00