upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-06-11 10:10:00 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
bind9/bin
History
Petr Špaček b5dc46fe6e
Test that fake child delegation cannot overwrite parent's glue RR 
In short, the attacker tries to spoof at least one answer that has the
following form:

    rcode NOERROR
    flags QR
    ;QUESTION
    trigger$RANDOM.victim. IN TXT
    ;ANSWER
    ;AUTHORITY
    trigger$RANDOM.victim. 3600 IN NS ns.victim.
    ;ADDITIONAL
    ns.victim. 3600 IN A 10.53.0.3

This attack was originally reported as "test case 2".

Co-authored-by: Michał Kępień <michal@isc.org>
2025-12-22 11:58:39 +01:00
..
check cfg_parse_ API doesn't need memory context 2025-12-04 16:09:40 +01:00
confgen Change the 'isc_g_mctx' to be always available 2025-08-04 11:29:50 +02:00
delv cfg_parse_ API doesn't need memory context 2025-12-04 16:09:40 +01:00
dig cfg_parse_ API doesn't need memory context 2025-12-04 16:09:40 +01:00
dnssec Cleanup the extra dns_rdataset_disassociate() code 2025-12-17 15:19:55 +01:00
include Add new 'notify-cds' configuration option 2025-12-19 14:08:15 +01:00
named Add new 'notify-cds' configuration option 2025-12-19 14:08:15 +01:00
nsupdate cfg_parse_ API doesn't need memory context 2025-12-04 16:09:40 +01:00
plugins Apply the dns_rdataset_cleanup patch through the codebase 2025-12-17 15:19:55 +01:00
rndc cfg_parse_ API doesn't need memory context 2025-12-04 16:09:40 +01:00
tests Test that fake child delegation cannot overwrite parent's glue RR 2025-12-22 11:58:39 +01:00
tools switch to RETERR where it wasn't being used 2025-12-03 13:45:43 -08:00
meson.build replace the build system with meson 2025-06-11 10:30:12 +03:00